[House Hearing, 116 Congress]
[From the U.S. Government Publishing Office]
2020 ELECTION SECURITY - PERSPECTIVES FROM
VOTING SYSTEM VENDORS AND EXPERTS
=======================================================================
HEARING
BEFORE THE
COMMITTEE ON HOUSE
ADMINISTRATION
HOUSE OF REPRESENTATIVES
ONE HUNDRED SIXTEENTH CONGRESS
SECOND SESSION
----------
JANUARY 9, 2020
----------
Printed for the use of the Committee on House Administration
[GRAPHIC NOT AVAILABLE IN TIFF FORMAT]
Available on the Internet:
http://www.govinfo.gov/committee/house-administration
__________
U.S. GOVERNMENT PUBLISHING OFFICE
41-318 WASHINGTON : 2020
--------------------------------------------------------------------------------------
Committee on House Administration
ZOE LOFGREN, California, Chairperson
JAMIE RASKIN, Maryland RODNEY DAVIS, Illinois,
SUSAN A. DAVIS, California Ranking Member
G. K. BUTTERFIELD, North Carolina MARK WALKER, North Carolina
MARCIA L. FUDGE, Ohio BARRY LOUDERMILK, Georgia
PETE AGUILAR, California
C O N T E N T S
----------
JANUARY 9, 2020
Page
2020 Election Security--Perspectives From Voting System Vendors
and Experts.................................................... 1
OPENING STATEMENTS
Chairperson Zoe Lofgren.......................................... 1
Prepared statement of Chairperson Lofgren.................... 3
Hon. Rodney Davis, Ranking Member................................ 5
Prepared statement of Ranking Member Davis................... 7
WITNESSES
Tom Burt, President and CEO, Election Systems & Software......... 10
Prepared statement of Mr. Burt............................... 13
John Poulos, President and CEO, Dominion Voting Systems.......... 22
Prepared statement of Mr. Poulos............................. 24
Julie Mathis, President and CEO, Hart InterCivic................. 28
Prepared statement of Ms. Mathis............................. 30
Liz Howard, Counsel, Brennan Center for Justice.................. 66
Prepared statement of Ms. Howard............................. 68
Matt Blaze, Professor of Law, Georgetown University Law Center... 120
Prepared statement of Mr. Blaze.............................. 122
Juan Gilbert, Ph.D., Banks Family Preeminence Endowed Professor,
University of Florida.......................................... 138
Prepared statement of Dr. Gilbert............................ 140
Rev. T. Anthony Spearman, President, North Carolina NAACP........ 158
Prepared statement of Rev. Spearman.......................... 160
Hon. Don Palmer, Commissioner, Election Assistance Commission.... 166
Prepared statement of Hon. Palmer............................ 168
Michael C. Gianasi, County Clerk and Recorder, Christian County,
Illinois....................................................... 172
Prepared statement of Mr. Gianasi............................ 174
QUESTIONS FOR THE RECORD
Tom Burt, President and CEO, Election Systems & Software, answers
to submitted questions......................................... 182
John Poulos, President and CEO, Dominion Voting Systems, answers
to submitted questions......................................... 216
Julie Mathis, President and CEO, Hart InterCivic, answers to
submitted questions............................................ 237
Liz Howard, Counsel, Brennan Center for Justice, answers to
submitted questions............................................ 269
Matt Blaze, Professor of Law, Georgetown University Law Center,
answers to submitted questions \1\.............................
Juan Gilbert, Ph.D., Banks Family Preeminence Endowed Professor,
University of Florida, answers to submitted questions.......... 281
Rev. T. Anthony Spearman, President, North Carolina NAACP,
answers to submitted questions................................. 284
Hon. Don Palmer, Commissioner, Election Assistance Commission,
answers to submitted questions................................. 286
SUBMISSIONS FOR THE RECORD
Securing the Vote: Protecting American Democracy, The National
Academies of Sciences, Engineering, Medicine, a Consensus Study
Report......................................................... 291
Electronic Privacy Information Center, Letter.................... 472
__________
\1\ Mr. Blaze did not answer submitted questions for the record by the
time of printing.
2020 ELECTION SECURITY--PERSPECTIVES FROM VOTING SYSTEM VENDORS AND
EXPERTS
----------
THURSDAY, JANUARY 9, 2020
House of Representatives,
Committee on House Administration,
Washington, DC.
The Committee met, pursuant to call, at 10:03 a.m., in Room
1310, Longworth House Office Building, Hon. Zoe Lofgren
[Chairperson of the Committee] presiding.
Present: Representatives Lofgren, Raskin, Davis of
California, Butterfield, Fudge, Aguilar, Davis of Illinois, and
Walker.
Staff Present: Sean Jones, Legislative Clerk; Jamie Fleet,
Staff Director; Mariam Malik, Staff Assistant; Hannah Carr;
Staff Assistant; Stephen Spaulding, Elections Counsel; Georgina
Cannan, Elections Counsel; Peter Whippy, Communications
Director; Eddie Flaherty, Chief Clerk; David Tucker, Senior
Counsel and Parliamentarian; Courtney Parella, Minority
Communications Director; Jen Daulby, Minority Staff Director;
Cole Felder, Minority General Counsel; Tim Monahan, Minority
Deputy Staff Director; and Nick Crocker, Minority Director,
Member Services.
The Chairperson. Welcome, everybody, and good morning. We
are waiting for Committee Members to arrive any moment, but
while we are waiting we will begin with our opening statements.
I would like to note that our Committee is charged with
overseeing the administration of Federal elections. Today's
hearing will help us fulfill that responsibility by providing
an opportunity to hear from the vendors of most of our
country's voting systems. This is the first time the Chief
Executive Officers of the three major vendors have appeared
together in a congressional hearing. The companies they
represent provide at least 80 percent of the estimated 350,000
voting machines in use today, reaching over 100 million
registered voters.
However, despite their outsized role in the mechanics of
our democracy, some have accused these companies of obfuscating
and, in some cases, misleading election administrators and the
American public. Others suggest there is an insufficient
regulatory structure for this sector.
In the Committee's May 2019 hearing on election security,
Lawrence Norden of the Brennan Center for Justice wrote in his
testimony that, and I quote, ``there are more Federal
regulations for ballpoint pens and magic markers than there are
for voting systems and other parts of our election
infrastructure.'' There may be more work to do and much for
Congress to learn about this industry.
Many have concerns about voting systems with remote access
software, and I think we want to make sure that companies no
longer sell voting machines that have network capabilities. In
2019, according to a report in Motherboard, a group of election
security experts, they uncovered that backend election systems
in at least 10 states were connected to the internet despite
one company's claim that its systems were not.
We need also to understand supply chains. In December 2019,
a study released by Enteros, a supply chain monitoring company,
showed that one-fifth, or 20 percent, of the components in a
popular voting machine came from China-based companies.
Furthermore, close to two-thirds or actually 59 percent of
suppliers within that machine's supply chain had locations in
either China or Russia. Enteros didn't name the vendor that
manufactured the voting machine but said that it was widely
used.
I have also heard concerns about the ownership and control
of voting machine vendors. Public reporting indicates that all
three of the major voting system vendors represented here today
are privately held or are partially controlled by private
equity firms. I believe it is in the public interest for
Congress to better understand who could financially benefit
from the administration of our elections.
There are also, of course, threats to our voting
infrastructure. We learned in Special Counsel Mueller's report
that Russia intelligence officers targeted employees of a
voting technology company that developed software to manage
voter rolls and installed malware on the company network. We
also know that our own voluntary voting system guidelines have
not been substantially updated since 2005 before the iPhone was
even available. It then took the EAC another decade to make
small changes, which were adopted in 2015, almost 5 years ago.
So there is more we have to do together to bolster public
confidence and trust in our election systems. That is why this
Congress has acted. Last June, the House passed H.R. 2722, the
SAFE Act, that would require individual durable voter verified
paper ballots. It would require strict cyber security
standards. It would require risk-limiting audits, prohibit
wireless and internet connectivity, and create accountability
mechanisms for election technology vendors. The bill awaits
consideration in the Senate.
Just last month, Congress appropriated $425 million to the
States to improve election security. This builds on the $380
million Congress appropriated in 2018. Securing our elections
should not be a partisan issue. Election security is about
upholding a democracy of, by, and for the people, the American
people, be they Republican, Democratic, third party, or no
party at all. Our democracy is resilient, but it relies on
everyone having their vote counted as cast.
I now recognize our Ranking Member, Mr. Davis, for any
opening statement he may wish to make.
[The statement of The Chairperson follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
Mr. Davis of Illinois. Thank you, Madam Chairperson.
Especially, also thank you for holding this necessary, long
overdue hearing that I've been looking forward to since the
beginning of this Congress. I also want to thank all of our
witnesses for taking the time to be here today to discuss the
very important issues regarding elections and election security
and elections administration.
My agenda since becoming the Ranking Member of this
Committee has been and continues to be focused on nonpartisan
and effective oversight of our Nation's elections, which are
maintained by the States, not the Federal Government. But that
does not mean that this Committee and the House itself does not
have an important oversight role to play in securing elections.
Our witnesses here today have state, county, and local
jurisdictions as clients who know their electorate best. We
also have witnesses who have experience with running those
elections, but we know that threats from foreign actors to our
Nation's elections are not going away.
It should be noted from the Senate Intelligence Committee's
report on the 2016 election, there were, quote, ``no
indications that votes were changed, vote tallying systems were
manipulated, or that any voter registration data was altered or
deleted,'', by Russia or any foreign actor.
DHS Assistant Secretary Jeanette Manfra said in the Senate
Intel's opening hearing in June of 2017 that, quote, ``we do
not--we do have confidence in the overall integrity of our
electoral system because our voting infrastructure is
fundamentally resilient.''. While we have faith in the
electoral system, we still have a responsibility to strengthen
the relationship between States and the Federal Government to
ensure that Americans' votes are and will continue to be
protected.
There has been some disagreement with my colleagues across
the aisle on how best to accomplish this mission, but I believe
our goal is the same. Instead of getting into a long-winded
debate today between paper versus electronic, State versus
Federal, let's instead focus our efforts on areas within our
Federal reach that need improvement, areas where we may come to
a bipartisan agreement as we have seen in this Committee and
many times in the past.
This Committee created and passed the Help America Vote Act
of 2002 (HAVA), which provided much-needed funds to states so
that they could update their election security and voting
infrastructure and created the Election Assistance Commission
or EAC. One notable requirement of HAVA was for the EAC to
create a set of specifications and requirements against which
voting systems can be tested called the Voluntary Voting
Systems Guideline, or VVSG. The EAC adopted the first VVSG in
December of 2005 and approved an updated version, VVSG 1.1, in
January of 2016. Now we are currently waiting for the EAC to
produce the newest guidelines, the VVSG 2.0.
This year, our Committee should hold a hearing with the EAC
to discuss this voting guideline development process and
several other processes within our jurisdiction.
Perhaps we should not only focus on the EAC but, instead,
HAVA itself. The Help America Vote Act was originally created
in 2002 following the 2000 Presidential election and its many
issues with paper ballots and ballot marking devices, much like
we will be discussing today.
There have been many developments in voting systems
technology that are not addressed in the original HAVA language
like e-pollbooks and securing online registration databases. It
has been almost 20 years since this law has been updated, and
with the recent developments in election security and
technology, it is time to modernize these laws again and
incentivize new, more secure infrastructure development from
vendors like each of you.
Also, let's recognize the steps we have taken this Congress
alone to secure our elections. As Chairperson Lofgren said, the
Fiscal Year 2020 National Defense Authorization recently
enacted last month contained several provisions related to
election security. Most involved providing Congress, Federal,
or State agencies with information about election interference,
something that was in the election security bill I introduced,
H.R. 3412, the Election Security Assistance Act. It also
requires the Director of National Intelligence, in coordination
with several other agencies, to develop a strategy for
countering Russian cyberattacks against U.S. elections, another
provision I had in my bill.
In addition to the NDAA, the recent appropriations, as
Chairperson Lofgren said, included $425 million for payments to
States, territories, and the District of Columbia to make
general improvements to the administration of Federal elections
including upgrades to election technology and security.
Much has been done, but we still have much to do, which is
why you are all here with us today. A fundamental right of our
Nation's ability is to choose our leaders. The American people
deserve that right to be protected. We should secure and
protect our Nation's elections without partisan politics, and I
hope we can remember that not only during this hearing but also
for the duration of this Congress.
Thank you, Madam Chairperson. I yield back.
[The statement of Mr. Davis of Illinois follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you.
The gentleman yields back.
All other Members are invited to submit an opening
statement for the record without objection.
At this point, I would like to welcome our witnesses. Thank
you for being here today. Joining us are the President and CEO
of Election Systems & Software, Mr. Tom Burt; President and CEO
of Dominion Voting Systems, Mr. John Poulos; and President and
CEO of Hart InterCivic, Julie Mathis.
I would like to introduce each of the witnesses. First, Mr.
Burt. Tom Burt became President and CEO of Elections Systems &
Software in 2015. He joined E&S in 2008, leading sales,
customer services, operations, and the product departments.
Before joining ES&S, Mr. Burt developed his general management
and sales leadership at McMaster Carr, a supply company, and
Anderson Consulting where he served in a variety of executive
management roles.
John Poulos is the founding President and CEO of Dominion.
In this role, he leads the company's overall business strategy
and operations. Since its inception in 2003, Dominion has grown
to support over 1,200 jurisdictions across North America. He
holds a Bachelor of Arts degree in electrical engineering from
the University of Toronto as well as a Master's of Business
Administration degree from INSEAD, Fontainebleau, France.
Julie Mathis joined Hart in 2014 but became its CEO just 9
days ago, so congratulations. She has previously served as
President and CFO of the company. Prior to joining Hart, she
served as Vice President of finance at Dell. Ms. Mathis holds a
Bachelor of Business Administration degree in accounting from
the University of Texas at Austin and is a Certified Public
Accountant.
I would at this point ask unanimous consent that all
Members have 5 legislative days to revise and extend their
remarks and their written statements be made part of the
record.
And, without objection, that is so ordered.
I would also like to remind witnesses that their entire
written statements will be made part of the record and that the
record will remain open for at least five days for additional
materials to be submitted.
At this point, I would ask each of the witnesses to stand
and raise their right hand.
[Witnesses sworn.]
The Chairperson. The record will reflect that all three
witnesses answered in the affirmative.
We will first recognize you, Mr. Burt, for your testimony.
TESTIMONY OF TOM BURT, PRESIDENT AND CEO, ELECTION SYSTEMS &
SOFTWARE, OMAHA, NEBRASKA; JOHN POULOS, PRESIDENT AND CEO,
DOMINION VOTING SYSTEMS, DENVER, COLORADO; AND JULIE MATHIS,
PRESIDENT AND CEO, HART INTERCIVIC, AUSTIN, TEXAS.
TESTIMONY OF TOM BURT
Mr. Burt. Thank you.
Chairperson Lofgren, Ranking Member Davis, and Members of
the House Administration Committee, thank you for the
opportunity to testify on the vitally important subject of
election security. My name is Tom Burt, and I am CEO of
Elections Systems & Software. I'm encouraged to see the growing
attention to stronger security for elections, and I'm thankful
for the additional recent funding to the States provided by
Congress under your leadership.
Founded 40 years ago, ES&S' headquarters are in Omaha,
Nebraska, where roughly half of our 490 employees live and
work. Others live locally in or near the States where we
provide products and services, including employees who reside
in California, Georgia, Illinois, Maryland, North Carolina, and
Ohio.
Let me be clear and unequivocal with you: ES&S is committed
to doing everything we can to safeguard our Nation's election
security. It is what every one of our employees wakes up and
goes to bed thinking about. For us, every single day is
election day.
Additionally, I want to make clear that ES&S strongly
supports Federal mandates for the following three policies:
first, an auditable paper record for every vote cast; second,
post-election audits of these paper records; and, third, more
rigorous standards for the programmatic security testing of
voting equipment by a federally controlled regulatory body.
I'd like to elaborate on a few of the many examples ES&S
has raised--ways that ES&S has raised the bar on itself for
election security and called on Congress to raise the bar on
the entire industry. First, as mentioned, it is important that
an auditable paper trail be required for every vote cast. ES&S
has stopped selling new voting machines that do not produce an
auditable paper record at the primary voting device.
Second, we support and applaud the increase in dedicated
resources coming from Congress, State, and local officials, the
Election Assistance Commission, and the Department of Homeland
Security. We embrace our partnerships with these bodies because
we believe that collectively we can provide necessary and
continuous improvement in election security.
While the recent appropriations bill included additional
elections-related funding from Congress, we believe the Federal
Government needs to devote these resources to State and local
jurisdictions on an annual basis.
Third, I'd like to highlight just a few of the many
important steps ES&S takes to bolster election security. Every
ES&S system we field undergoes rigorous testing by independent
Federal test labs accredited by NIST. Since 2009, ES&S has
certified 22 unique voting system releases through this Federal
testing program. Our standard procedure is to conduct thorough
and pervasive penetration testing of our hardware and software
using the same modern security tools that hackers use to make
sure our equipment is secure before it ever enters the Federal
program. We recommend increased EAC funding for security
testing managed at the Federal level with standards and testing
methods that are applied evenly and comprehensively to all
providers.
All ES&S tabulation firmware and software are not only
housed domestically but are also written exclusively inside the
United States. ES&S engages an independent third party to
regularly test samples of the components inside our voting
equipment that are programmable logic devices. We do this to
validate the security of our supply chain and to ensure that no
backdoor tampering has occurred. ES&S voting machine components
are produced in ISO 9001 certified manufacturing facilities,
and the entire voting system is managed by a secure engineering
change order control process. All final hardware configuration
of our voting machines is performed exclusively in Omaha,
Nebraska.
We are working with our fellow industry providers seated
with me here today to create the Nation's first coordinated
vulnerability disclosure program for elections equipment,
designed to provide for even greater independent testing of
voting systems through the use of ethical hackers. Because we
strive for continuous improvement in all facets of our
business, our actions related to election security are
continuous, ongoing, and dynamic.
Finally, I want to be clear that we do not believe we are
perfect. On rare occasions, machines falter, and humans make
mistakes. When these circumstances arise, we always do
everything possible to remedy the issue and ensure that final
election reports--results are reported accurately.
As I noted previously, we strongly urge Congress to require
an auditable paper record for every vote cast as a matter of
law to improve even more the integrity of our elections. While
we are very proud of the actions we have taken to date in
support of safe and secure elections, we recognize that this is
a race that has no finish line. ES&S is committed to
continually enhancing the security of our products for the long
run. We take nothing more seriously than our role in supporting
our Nation's democracy.
Thank you for your time, and I look forward to your
questions.
[The statement of Mr. Burt follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you very much.
We'd be pleased to hear from you, Mr. Poulos.
TESTIMONY OF JOHN POULOS
Mr. Poulos. Thank you very much. Chairperson Lofgren,
Ranking Member Davis, and distinguished Members of the
Committee, thank you for the opportunity to testify today. My
name is John Poulos, and I'm the Chief Executive Officer of
Dominion Voting Systems. We are a U.S.-owned company that
currently provides voting systems and services to jurisdictions
across 30 States and Puerto Rico.
I agree with the importance of this--of the issues being
raised by the Chairperson and Ranking Member regarding election
security and integrity at today's hearing. American elections
safeguard and preserve the freedoms and rights guaranteed by
the U.S. Constitution. At Dominion, we take pride in our small
role in assuring voters that they can have confidence in
election results. We go to work every day understanding this
important responsibility.
By way of background, I formed the company with my partners
in 2003 as an engineer and entrepreneur living in Silicon
Valley. We were one of 76 new entrants innovating in the post-
HAVA era, and we are one of the only ones independently
operating of those 76 in the industry today.
Dominion was founded on three key pillars: security,
transparency, and accessibility. The company abides by these
principles to this day, driving innovations and advancements
for auditability and resilience directed by Federal, State, and
local election officials.
Supporting elections is a full-time proposition for our
company. This past year alone, Dominion assisted State and
local election officials in conducting nearly 300 elections
complete with the rigorous public scrutiny that comes with it.
Dominion is constantly innovating and certifying enhancements
and new features per State and local requirements. For 2020, we
have been working closely with jurisdictions seeking to upgrade
their voting systems. Older, end-of-life technology is being
replaced with certified solutions that produce paper records
for auditing and resilience. This comports with recommendations
by DHS.
Consistent with our founding tenets, Dominion works hard to
promote a company culture of security. This starts with our
people, including annual mandatory background checks and
cybersecurity awareness training for every employee in the
company. It includes companywide adoption of advanced digital
protections and a defense-in depth approach to cybersecurity.
Moreover, we actively engage with the EAC, DHS, and other
trusted third parties to maintain and enhance our enterprise
security, including potential supply chain risks.
Finally, we meet all independent testing requirements,
including EAC standards developed in conjunction with NIST and
requirements set forth by individual States. This includes
source code reviews, penetration testing, and post-election
audits.
In terms of transparency, Dominion systems fully support
independent third-party audits and reviews of all election
data. For example, in 2018, the State of Colorado used Dominion
systems in conducting the first statewide risk-limiting audit
in the United States. This effort was so successful, it has
become a benchmark for other States in verifying with high
confidence that equipment tallies are accurate and reliable.
To round out our company mission, we are committed to voter
accessibility. Our systems ensure Federal protections for
privacy and equal voting rights and ballot casting options for
all, including American servicemembers abroad.
The existence of nation-state threats means that we must
actively defend against any attempts to undermine faith in our
democratic institutions. In this regard, we hope to see
Congress continuing its work with State and local election
officials to keep election systems secure. We commend Congress
on its bipartisan investment of an additional $425 million to
help election officials modernize their infrastructure.
In closing, we remain fully committed to providing
technology that supports free and fair elections. This includes
support for an industry wide coordinated vulnerability
disclosure program for voting systems. We urge you to continue
supporting and incentivizing real-time threat information
sharing from the intelligence community, streamline
certification options for patching and updating, and reliable
baseline security standards for voting systems. All of these
efforts will help make the voting process more secure.
Thank you again for the opportunity to share our company's
perspective.
[The statement of Mr. Poulos follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you so much for your testimony.
And now our final witness on this panel, Ms. Mathis. We'd
be pleased to hear from you for five minutes.
TESTIMONY OF JULIE MATHIS
Ms. Mathis. Chairperson Lofgren, Ranking Member Davis, and
Members of the Committee, thank you for the opportunities to
speak with you today. My name is Julie Mathis, and I'm the CEO
of Hart InterCivic. Hart InterCivic is based in Austin, Texas,
where we have been located since our inception over a hundred
years ago. Hart began as a paper ballot printer and over the
past 20 years has grown organically one new customer at a time
to become one of the top three voting system providers in the
country. Our customers are local election officials, and our
business is built on partnering with them every day to help
solve their problems, enhance their processes, and ensure they
deliver secure, accessible, and transparent elections.
Our products include the software and devices that these
election officials use to create ballots, capture votes,
tabulate votes, and audit the results. Our systems are
regulated as each is submitted to Federal certification through
the EAC as well as the State certification processes before any
local jurisdiction purchases them.
It's also important to know which aspects of the election
ecosystem Hart does not serve. Hart does not build the products
that manage voter registration, voter check-in at the polling
place, the public recording of election night results, or any
other aspect of election or data administration. These aspects
of the election system and their vendors are not currently
regulated.
I am in Washington, D.C., this morning because Hart
strongly believes that voting system companies are one of the
many critical players ensuring American elections are
accessible, transparent, and secure. I can tell you much has
improved over the past few years for Hart and for the industry,
but we know that challenges remain, and we must continue to
evolve and adapt.
So what has improved? First, what has improved as a company
is our products. We are proud that our Verity voting system is
one of the newest and, we believe, most secure line of election
products on the market. Rather than patch updates on older
technology, Verity is a wholly new product designed from its
core to meet modern security standards. Verity's robust
security strategy is further described in my written testimony.
Second, what has improved as an industry? The election
industry is far better informed, better supported, and more
agile when it comes to cybersecurity threats as a direct result
of the Department of Homeland Security's designation of the
American election system as critical infrastructure. Because of
that designation, we're a founding member of DHS' Sector
Coordinating Council, a group of diverse elections-related
vendors under DHS' stewardship to address resilience policies
and practices. Similarly, we're a founding and engaged member
of the ICS-ISAC as well as an active member of the EI-ISAC. All
offer a range of valuable programs, free assessments, and
educational materials, but the biggest improvements have been
to our ability to community and coordinate around cyber threat
information and disclosures.
So where else can we all continue to evolve and adapt?
Number one, continual evolution of the voting system
guidelines. We strongly support the process to roll out updated
national standards. We have submitted our comments during the
public comment period draft of the draft VVSG 2.0 and are in
regular communication with the EAC to provide further insights
to inform the new standard.
We share your frustration over the slow adoption of the new
standards, yet Hart has proactively enhanced the security of
our products while awaiting the release of the 2.0 standards.
In addition, we encourage Congress and the EAC to continue to
explore ways to apply Federal oversight to other election
technology, especially areas of higher vulnerability, such as
voter registration, electronic pollbooks, and election night
results reporting.
Number two, speed up the Federal certification process at
the EAC. We are optimistic that Congress' recent increase in
funding may allow additional resources to be dedicated to the
ongoing overhaul of the VVSG and to enhance certification of
resources at the EAC. The more resources and funding that
Congress can dedicate to the EAC and NIST, the sooner we will
be able to bring the next generation of products to market.
Number three, ongoing vigilance over cybersecurity
practices within our companies and within local jurisdictions.
The most important shift in institutional attitudes towards
securing the integrity of election systems is that security is
not a static process. At Hart, we recognize that cybersecurity
threats will evolve, and so we, along with local jurisdictions,
must continually adjust to new risks and adapt with new
technology, new processes, and new policies.
In conclusion, much has improved over the last few years.
Not only are there new products on the market with enhanced
security protocols, but the election industry is much better
informed, more coordinated, and more aware. But this enhanced
awareness also highlights the clarity that securing the
American election system is a race with no finish line. It will
take constant vigilance, funding, partnership, and coordination
across all aspects of the election ecosystem to ensure that
elections are secure each and every year.
At Hart, our goal is and always has been to provide
election officials with accessible and secure technology. We
dedicate significant time and resources, ensuring our products
meet or exceed the latest security standards. And because of
this, we are a trusted partner of the local officials who run
elections in our country.
Thank you, and I look forward to answering any questions
you may have.
[The statement of Ms. Mathis follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you very much, and thanks to all of
our witnesses for your verbal testimony as well as your written
testimony.
We'll now go to the time in our hearing where Members have
an opportunity to ask questions for as long as five minutes,
and I'll start.
We all know and recognize that concern about election
security has been heightened since the 2016 election--we've had
reports from our intelligence community that we should be on
the alert for threats, especially foreign threats to the
security of our systems. Right now, there are no Federal
reporting requirements that mandate disclosure of crucial
information about some of your key business practices or
experiences. And I'd like to know from each of you, and this is
going to be a yes-or-no question, would you support
requirements concerning the following five items: first, your
cybersecurity practices, including incident response
procedures; two, any cyberattacks you've experienced; three,
personnel policies and procedures, including whether background
checks and other procedures are in place to safeguard against
inside attacks; four, details of corporate ownership and
foreign investment; and, finally, supply chains, for example,
where parts, software patches, installations come from, how
they're transported, and how they are kept secure? Would you--
if you could answer whether you would agree to all, or if there
are some that you would object to, why?
Mr. Burt. Madam Chairperson, I would say yes, that we would
support a requirement for all five of those requirements that
you listed.
The Chairperson. Thank you.
Mr. Poulos. Madam Chairperson, we would agree with that as
well.
The Chairperson. Thank you.
Ms. Mathis. As would we.
The Chairperson. That's very helpful. As you know, we have
passed a pretty robust bill in the House that's pending in the
Senate, and perhaps your testimony will encourage them to move
forward.
I'd like to talk about supply chains. As I mentioned in my
opening statement, the concern has been raised about
components. The Enteros report showed that a majority of
suppliers within a widely used voting machine supply chain had
locations in either Russia or China. They didn't indicate which
company. So I'd like to ask each of you. Do you have components
in your supply chain that come from either Russia or China?
Mr. Burt. Madam Chairperson, we do not have components that
come from Russia. We do have a limited number of components
that come from China.
The Chairperson. What percentage would that be?
Mr. Burt. I can't give you a percentage, but with respect
to this issue, the potential for a backdoor threat really
doesn't pertain to inert items like a piece of plastic or a
piece of metal. What we really should be concerned about are
the programmable logic devices.
The Chairperson. What type of components come from China?
Can you tell me the nature of the components?
Mr. Burt. Sure. I'll give you one example. Our DS200, which
is a----
The Chairperson. Well, no. I don't want examples. Do any of
your chips or software come from China, or are the Chinese
components just pieces of plastic?
Mr. Burt. In our DS200, we have one of the nine
programmable logic devices that we actually source from a U.S.
company based in Milpitas, California, in the heart of Silicon
Valley that produces that programmable logic device in a--in a
factory in China.
The Chairperson. Okay. Thank you.
Mr. Poulos. Thank you for the question. It wasn't our
company in Enteros' report, but we do have components in our
products that come from China, and I don't know the exact
percentage. I can certainly get that to the Committee through
my staff. Happy to work with you on getting the exact number.
Our products--our tabulated products have always been
manufactured in the United States, and so if you look at----
The Chairperson. Well, can you--before you go forward, what
are the components that you get from China?
Mr. Poulos. So, for example, LCD components, the actual
glass screen on the interface down to the chip component level
of capacitors and resistors. Several of those components, to
our knowledge, are not even--there's no option for
manufacturing of those in the United States. We would welcome
guidelines and best practices from the Committee and from the
Federal Government in terms of this is not a problem that's
unique to the election industry.
The Chairperson. Thank you.
Ms. Mathis.
Ms. Mathis. Yes. Similar feedback here. We take the
security of our supply chain very seriously, and we actively
monitor and assess all aspects of that supply chain, including
country of origin.
The Chairperson. So do you have components from China or
Russia?
Ms. Mathis. We do not have components from Russia, but we
do have--similar to my colleagues, we do have components from
China.
The Chairperson. And what would be the nature of those
components?
Ms. Mathis. Similar: resistors, capacitors. They're the
global supply chain for technology components for that----
The Chairperson. And what percentage, do you know?
Ms. Mathis. I don't have that.
The Chairperson. We'll follow up with that.
I'll turn now to Mr. Davis for his five minutes.
Mr. Davis of Illinois. Thank you, Madam Chairperson, and
thank you again to the witnesses who are here. Each of you,
just a simple yes or a no. Is there any method of voting that's
a hundred percent secure?
Mr. Burt. No.
Mr. Poulos. No.
Ms. Mathis. No.
Mr. Davis of Illinois. To your knowledge, has a foreign
state ever successfully breached or hacked any of your vote
tallying election machines? Mr. Burt.
Mr. Burt. No.
Mr. Davis of Illinois. Mr. Poulos.
Mr. Poulos. No.
Ms. Mathis. No.
Mr. Davis of Illinois. What, then, was the primary target
of our foreign adversaries in the 2016 election? Mr. Burt.
Mr. Burt. Well, Ranking Member, I think there are
potentially differing public views on that, but what I can say
is that, as you asked a minute ago, we've seen no evidence that
any of our voting systems have been tampered with in any way.
Mr. Davis of Illinois. Mr. Poulos.
Mr. Poulos. I would agree with that statement. We feel the
same way. I can't speak to what the primary purpose was of the
attacks, but there's, to our knowledge, no evidence on our
systems as well.
Mr. Davis of Illinois. Well, you guys already answered
that.
Ms. Mathis, do you know what was attacked during 2016?
Ms. Mathis. I do not have personal awareness of that.
Mr. Davis of Illinois. Okay. I believe reports say there
were centralized voter registration systems, even one in my
home State of Illinois. Where do these centralized State voter
registration system databases come from?
Mr. Burt. Ranking Member, they--it's various, depending
on----
Mr. Davis of Illinois. Do they come from any of your
companies?
Mr. Burt. We do host voter registration systems for a
limited number of States, yes.
The Chairperson. How about you, Mr. Poulos?
Mr. Poulos. We do not.
Ms. Mathis. We do not.
Mr. Davis of Illinois. Okay. They're actually a requirement
in the Help America Vote Act.
And, also, Mr. Burt, to your knowledge, are there any
parameters within HAVA that require basic security around the
State voter registration databases?
Mr. Burt. I believe the language in HAVA as it relates to
voter registration is limited at best, and I'm not aware
offhand of any specific language that pertains to----
Mr. Davis of Illinois. Great. And I'll stick with you
because you're the only one that actually deals with
centralized voter registration, and the other two do not. Do
you find this concerning and believe it's something that we
should address in HAVA?
Mr. Burt. I do. I think it's a gap in the oversight of the
election administration or Election Assistance Commission, and
I believe you could put electronic pollbooks into the same
bucket with voter registration.
Mr. Davis of Illinois. Okay. Are you members of the Sector
Coordinating Council?
Mr. Poulos. Yes.
Ms. Mathis. Yes.
Mr. Davis of Illinois. Okay. As well as the IT-ISAC and the
EI-ISAC?
Mr. Burt. Yes.
Mr. Poulos. Yes.
Mr. Davis of Illinois. Okay. How have these entities
increased vulnerability disclosure? Mr. Burt.
Mr. Burt. You know, prior to 2016, there was virtually no
communication between vendors and those entities, and there is
regular sharing of information, threat information as well as
routine meetings, many face-to-face, to make sure that the
lines of communication are open at all times.
Mr. Davis of Illinois. Okay. Mr. Poulos, how many different
vulnerability disclosure programs are there currently?
Mr. Poulos. To my knowledge, we're part of one and
currently working on several more with my colleagues here to
create further disclosure programs.
Mr. Davis of Illinois. Okay. Ms. Mathis, how do we ensure
that these new programs are adequate to disseminate known
vulnerabilities to those that need to know?
Ms. Mathis. I think it's important that we continue to work
together with cybersecurity experts that have already been
involved through the designation as critical infrastructure.
It's really assisted us with ensuring that we understand kind
of the appropriate disclosures.
Mr. Davis of Illinois. Would you all agree that there are a
lot more people, both in the media and public interest groups
and Congress, for that matter, writing on the topic of election
security since the 2016 election?
Mr. Burt. Yeah.
Mr. Davis of Illinois. Would you all agree?
Mr. Poulos. Yes.
Mr. Davis of Illinois. I'm actually happy for this
increased attention. I believe it's put an important issue to
the forefront. I'm concerned about the incentive for outside
groups to mischaracterize the threats facing our elections. Is
this a concern that each of you share?
Mr. Poulos. Yes.
Mr. Davis of Illinois. I got one yes.
Mr. Burt. Yes.
Ms. Mathis. Yes.
Mr. Davis of Illinois. Thank you. I didn't think C-SPAN
could see you guys nodding your heads.
Ms. Mathis. Yes.
Mr. Davis of Illinois. Over the past several years, DEFCON
has garnered a lot of publicity. Have any of you reached out to
DEFCON to participate?
Mr. Burt. Ranking Member, we have had discussions with
them, but we have not provided our equipment to them for
testing.
Mr. Davis of Illinois. Okay.
Mr. Poulos.
Mr. Poulos. Ranking Member, we reached out to DEFCON this
year in 2019, interested in a more collaborative penetration
testing with stakeholders. We reached out with one organizer
and had a plan. We actually did send our modern certified
equipment to DEFCON, but in the days leading up to that event,
I think that there was an internal disagreement within the
conference. So we ended up not working at that conference, but
if it's----
Mr. Davis of Illinois. Okay.
Mr. Poulos [continuing]. Not DEFCON, we're committed to
that.
Mr. Davis of Illinois. How about you, Ms. Mathis?
Ms. Mathis. We have actually submitted our systems through
the DHS' penetration testing process through Idaho National
Labs, so we've--we've gone that route.
Mr. Davis of Illinois. But not DEFCON.
Ms. Mathis. Not DEFCON.
Mr. Davis of Illinois. Okay. Thank you. I yield back.
The Chairperson. The gentleman yields back.
I now recognize the gentleman from Maryland, Mr. Raskin,
for five minutes.
Mr. Raskin. Madam Chairperson, thank you very much.
The Consumer Product Safety Commission advises
manufacturers of consumer products to identify all reasonably
foreseeable hazards associated with use of their products and
to include safety warnings and steps to reduce risk of accident
in the user guides. And there are requirements like this for
motor vehicles and warnings put in lots of different owner
manuals. Would you support a requirement for voting system
vendors to identify security risks associated with use of your
voting equipment and recommendations for users to mitigate
those risks, such as manual audits of paper ballots? And just
go down the line. Mr. Burt, we'll start with you.
Mr. Burt. Thank you, Congressman. We would support that.
And as a global comment, I think we would support any
requirement that applies to all vendors in our industry that
would help educate both the users of our systems and anyone who
interacts with them.
Mr. Raskin. Thank you.
Mr. Poulos. Congressman, I would agree with that statement
as well. We would support any initiative that Congress puts
forward.
Mr. Raskin. Okay.
And Ms. Mathis.
Ms. Mathis. And we agree also with that.
Mr. Raskin. All right. Very good. There has been some
reporting recently about the lobbying practices of election--of
technology vendors in the election field. The City Controller
in Philadelphia issued an investigative report that showed
serious flaws in the voting system procurement process, which I
think resulted in ESS getting the $29 million contract. The
reports indicate that ES&S spent $425,000 lobbying city
officials dating back to 2013 before being awarded the
contract. Is this just standard practice in the industry and
with your business, Mr. Burt?
Mr. Burt. Well, Congressman, starting about a year and a
half ago, we actually hired our first ever Federal consultant
to help us spend time in Washington educating Federal officials
on who we are as a company, how we go about our business
practices. We use consultants at the State level for the same
purposes, to educate decisionmakers.
Mr. Raskin. Well, in this case, it was used to help procure
a contract, right?
Mr. Burt. It was used to educate any of those involved
about who we are as a company, the values we hold, and how we
conduct our business.
Mr. Raskin. Okay. Do you also get involved in making
campaign finance contributions or expenditures?
Mr. Burt. No, we do not.
Mr. Raskin. Okay. Mr. Poulos, do you guys engage----
Mr. Poulos. No, we don't make campaign finance
contributions.
Mr. Raskin. You do spend money on the lobbying side?
Mr. Poulos. Yes, we do.
Mr. Raskin. At the State and local level?
Mr. Poulos. Correct.
Mr. Raskin. Okay.
And Ms. Mathis.
Ms. Mathis. Our involvement in lobbyists has been very
minimal and primarily related to helping educate us on local
procurement processes within certain jurisdictions.
Mr. Raskin. Okay. I'm curious about whether each of your
companies engaged in adversarial testing of your voting
systems.
Mr. Poulos. do you----
Mr. Poulos. We have in the past. It's something that we're
looking to expand in the future.
Mr. Raskin. Okay. Mr. Burt.
Mr. Burt. We do routinely. We've hired third parties to
perform penetration testing as Ms. Mathis mentioned earlier. We
also participated through a DHS program with the Idaho National
Lab to perform penetration testing on our equipment.
Mr. Raskin. Okay. And Ms. Mathis.
Ms. Mathis. Yes, and we have been involved in that same
penetration testing approach by the DHS' recommended Idaho
National Labs.
Mr. Raskin. Okay. So do you routinely allow academic
researchers to test the quality and security and integrity of
your products without prescreening them? In other words, do you
generally permit outside investigators to come in check it out?
Mr. Burt. We have not involved academics who haven't been
prescreened. With the coordinated vulnerability disclosure
program that we're working on with our colleagues, the idea is
to have a firm be able to manage a network of white hat ethical
hackers to broaden the access to our systems without making
this information open to the public.
Mr. Raskin. Okay.
Mr. Poulos.
Mr. Poulos. Congressman, we have done that in the past, as
far back in New York in 2009. We found that the exercise was
useful, and we are looking forward to doing more of that within
the confines of a reality-based scenario of testing.
Mr. Raskin. Okay.
And Ms. Mathis.
Ms. Mathis. And we would support the appropriate disclosure
of that information. It's important that we not undermine voter
confidence in ensuring that we actually evaluate and assess
kind of the type of disclosures necessary.
Mr. Raskin. Okay. And, finally, I remember from my days in
Annapolis that there was sometimes conflict between the
disability rights community and the champions of security in
the process. And I wonder, Mr. Poulos, will you just try to
illuminate that, if you could?
Mr. Poulos. Sure. Most recently, with a lot of the public
commentary around ballot marking devices, there is a concern
regarding the formality of how the ballots are printed for
voters as the voter record, and that sometimes is a natural
conflict between universal accessibility and security
initiatives.
Mr. Raskin. I yield back.
The Chairperson. The gentleman's time has expired.
The gentleman from will North Carolina, Mr. Walker, is
recognized for five minutes.
Mr. Walker. Thank you. Thank you, Madam Chairperson.
I believe each of you mentioned in your written testimony
frustration with the voluntary voting system guidelines update
that is ongoing at the Elections Assistance Commission. This
frustration has been shared by others in the election industry,
as well as this issue seems to have a lot to do with antiquated
HAVA or Help America Vote Act. Where can we as a Committee
focus to help update the HAVA?
I'll start with you, Mr. Burt.
Mr. Burt. Thank you for your question, Congressman.
I think that the EAC, given the resources and funding they
have, do a very good job. And sometimes it amazes me how much
they are able to accomplish given the resources they have. I
think we should ask them to broaden the scope and purview of
their oversight, and to do that, of course, they need more
funding and more support.
Mr. Walker. Okay.
Mr. Poulos.
Mr. Poulos. I would--I would agree with Mr. Burt's
comments, and I would add to that a particular example as it
pertains to patching specifically of third party software, such
as Windows, where a patch is readily available, and it's
sometimes very cumbersome and timely to get that tested patch
to end customers.
Mr. Walker. Thank you.
Ms. Mathis, anything to add to that?
Ms. Mathis. I would agree with those comments.
Mr. Walker. Okay. All right. How has your relationship with
the DHS evolved? How have State and local authorities responded
to DHS? I'll put up a couple of these, and who wants to take
it? Is DHS helping to secure foreign supply chains? And what
type of services does DHS currently offer you?
Mr. Poulos, let me start with you. Let's start with what
type of services does DHS currently offer you?
Mr. Poulos. It offers several different programs. We've
taken part of a physical security review. They offer product
testing. And in terms of the evolution of that relationship, I
would say it was zero 4 years ago, and it's been very helpful
for not only us but the customers we serve.
Mr. Walker. Mr. Burt, is DHS helping you to secure foreign
supply chains?
Mr. Burt. They are not, and I think that's a real
opportunity whether it's through DHS or Department of Defense
or somewhere else in the Federal Government. As Mr. Poulos
mentioned, I think the vendors are eager to work in partnership
with the Federal Government to make sure that we're following
best practices and we safeguard to the best of our abilities
our Nation's voting equipment.
Mr. Walker. Just reiterating this again, in working with
DHS, as well as your own companies, any evidence that China or
Russia has hacked any portion or part of this, either has the
DHS discovered any of that or assumed or even suggested that,
or anything of those nature?
Mr. Burt. No. We've never--we've never received any
evidence or even commentary that suggests that these systems
have been hacked.
Mr. Poulos. No. No.
Mr. Walker. Ms. Mathis.
Ms. Mathis. No.
Mr. Walker. I've got a question here, and if you can
expound a little bit on this. Have each of you hired an
executive level chief information security officer? Mr. Burt.
Mr. Burt. We have.
Mr. Walker. Mr. Poulos.
Mr. Poulos. We have.
Mr. Walker. Ms. Mathis.
Ms. Mathis. We have an extended internal security team, and
we have a CISSP expert on our staff.
Mr. Walker. Mr. Poulos, what are the qualifications for
such a position? What are the requirements of that? What are
you looking for there?
Mr. Poulos. Well, we have--we have that bifurcated in terms
of corporate IT assets and product security, and there are two
different sets of requirements. I can--I don't--can't list them
to you off the top of my head, but I can----
Mr. Walker. Mr. Burt.
Mr. Burt. Congressman, we were fortunate enough to find the
gentleman who was the chief information security officer for
Health and Human Services at the Federal level, and he's been
with us now for a couple of years. So he has vast experience
working with various government agencies in that capacity as a
chief information security officer.
Mr. Walker. Let me stay with you, Mr. Burt. I want to
unpack this a little bit more. Why is a position like this
especially relevant in developing equipment for modern
elections?
Mr. Burt. I think as we look forward, it is necessary for
someone with deep technical expertise to advise the company in
its actions, to do everything it can to make sure that we are
making the right decisions to protect the security of our
equipment and our services.
Mr. Walker. Mr. Poulos.
Mr. Poulos. I agree with those comments in terms of a
deeper understanding of best practices and where the state of
the art is evolving to. It really benefits the security of the
products.
Mr. Walker. Real quickly, for the three of you there, if
you were to give yourselves a grade, 1 out of 10, 10 being
excellent, the highest mark, as far as your attentiveness to
make sure there's no corruption or nothing nefarious, any kind
of behavior going on, how would you score your company as far
as the time, the attention, the resources that you're putting
into this, Mr. Burt?
Mr. Burt. Congressman, we spend a great deal of time on a
regular basis. Our effort--I can honestly say our effort is as
strong as we are capable of. We are always looking to find ways
to improve our effort and to partner with other agencies to
improve our ability to mitigate any risks that might be there.
Mr. Walker. Mr. Poulos.
Mr. Poulos. The security of our products and our
infrastructure is a key priority for us. It always has, and it
is reflected in not only the amount of time and resources we
spend to do it.
Mr. Walker. Ms. Mathis.
Ms. Mathis. Same thing. We absolutely dedicate--it's in our
DNA. It's pervasive across our people, our process, our
procedures, our product.
Mr. Walker. Thank you very much. And if this doesn't work
out, you may have a career in politics since none of you gave
me a number answer to the question. So I yield back to my
chairwoman.
The Chairperson. The other gentleman from North Carolina,
Mr. Butterfield, is recognized for five minutes.
Mr. Butterfield. Thank you, Chairperson Lofgren, for
convening this very important hearing today. I cannot think of
a hearing except for the debate on the War Powers Act that we
could be having right now. This is critically important to our
democracy, and certainly thank you to the three witnesses for
your testimony today.
Mr. Burt, let me start with you, sir, and I want to talk
specifically about North Carolina. You know I represent a
district in North Carolina. There's been a lot of controversy
surrounding your company's recent dealings with elections
officials in my State. Some have referred to what transpired as
a bait and switch. I don't know if that's warranted or
unwarranted. I hope it's unwarranted. Can you please explain to
me why you waited so long to tell North Carolina election
officials that you did not have enough voting systems to cover
the 2020 primaries?
Mr. Burt. Thank you for your question, Congressman. I have
read that bait-and-switch comment. The situation in North
Carolina, we applied for certification for our system in North
Carolina roughly five years ago. We went through all of our
testing. The report was written. It went to the State board for
approval. And at that point in time, the State board
essentially dissolved. There was not a quorum at the state
board for over four years.
That system that we got tested five years ago finally got
approved this year. Because it was five years old, we
immediately went in after that and got our latest and most
secure system updated. And it is that system, the most recently
certified system, that we've delivered to the citizens of North
Carolina. So, if a bait and switch means that we decided to
send the most recent and most secure system to the citizens of
North Carolina, that is what we did.
Mr. Butterfield. All right. I'm informed that your company
admitted installing remote access software on some of its
election systems that it sold over a six-year period. Were any
remote wireless-equipped systems sold to elections officials in
my State?
Mr. Burt. Congressman, that practice happened between the
year 2000 and 2006. No system that we have brought through the
EAC program since the year 2007 has been equipped with any kind
of remote access software. We have confirmed that there is no
system out there in the country being used today that has a
remote access system attached to it.
Mr. Butterfield. All right. Ms. Mathis, do you support
Federal legislation to expand the use of post-election audits
like risk-limiting audits in Federal elections?
Ms. Mathis. We absolutely do.
Mr. Butterfield. Mr. Poulos.
Mr. Poulos. Absolutely.
Mr. Butterfield. And Mr. Burt.
Mr. Burt. Yes.
Mr. Butterfield. Thank you. Do you think that all manual
audits of paper records can be conducted on all the voting
systems that you currently sell?
Ms. Mathis. We have a portion of--a subset of our product
that actually does not permit risk-limiting audits. There are
other audits and other testing that fulfilled a fully ability
to confirm the accurate results.
Mr. Butterfield. All right. Let me ask you, Mr. Poulos.
What do you do to ensure that your subcontractors and your
manufacturers follow industry best practices on cybersecurity?
In other words, do you conduct background checks and the like
on your subcontractors?
Mr. Poulos. On our direct subcontractors, yes, we do. And
for our manufacturing partners, we make sure that they adhere
to ISO standards.
Mr. Butterfield. Mr. Burt.
Mr. Burt. We do the exact same thing. We perform background
checks on the contractors that we hire directly, and any of our
manufacturing partners are all ISO certified.
Mr. Butterfield. This is not a--not a cursory background
check? You do an indepth----
Mr. Burt. A criminal--yeah, a detailed background check,
and that's part of the ISO certification.
Mr. Butterfield. And Ms. Mathis, you as well.
Ms. Mathis. Yes.
Mr. Butterfield. All right. Are you aware of any
cyberattacks in which the attacker gained unauthorized access
to your internal systems, corporate data, or consumer data? Ms.
Mathis.
Ms. Mathis. We are not.
Mr. Butterfield. Do you have any evidence that this has
happened?
Ms. Mathis. We do not, no.
Mr. Butterfield. All right.
Mr. Poulos.
Mr. Poulos. No, we do not.
Mr. Butterfield. And Mr. Burt.
Mr. Burt. No, we do not.
Mr. Butterfield. Thank you. Let's see how I'm doing on
time. All right.
Back to you, Mr. Burt. We know you're committed to no
longer sell paperless machines, but you are selling the Express
Vote with an AutoCast feature that has the voter skip--that has
the voter to skip the verification of the paper record. Given
that the primary criticism of paperless machines was that they
did not have a voter verified paper audit trail, do you think--
do you think it's--it's correct to say that you will no longer
sell paperless machines, but you are selling a machine that can
record votes without a paper trail?
Mr. Burt. Congressman, I don't believe--I'm not aware off
the top of my head of any customers who are using that
particular product in an AutoCast fashion. I believe all the
customers who are using that product present the ballot back to
the voter for verification in one way or another, either
through a screen or by taking out the piece of paper.
Mr. Butterfield. All right. And, finally, for Ms. Mathis,
currently listed on your website in the products that you sell
are the paperless DRA machine called the Verity Touch. I guess
I have that right, Verity Touch. Meanwhile, there is a clear
consensus among experts that the paper ballots are needed to
ensure that voters' votes are counted properly. Why do you
think--why do you continue to sell a machine we all know puts
the integrity of the voters' ballot at risk?
Ms. Mathis. We actually believe our DREs are secure, and
it's not just Hart's belief. We have had those products
federally certified through the EAC. They've gone through
extensive accredited test lab testing. Certain States have
certified those. They comply with all VVSG standards, and they
comply with all our extensive security protocols that we have
throughout the Verity--throughout the Verity platform including
extensive multilayer defense-in-depth security protocols.
Mr. Butterfield. Thank you. I'm out of time.
I yield back.
The Chairperson. The gentleman's time has expired. We'll
have a second round of questions so that we can further explore
this.
The gentlelady from Ohio is recognized for five minutes.
Ms. Fudge. Thank you very much.
The Chairperson. The Chairwoman of our Elections
Subcommittee.
Ms. Fudge. Thank you very much, Madam Chairperson. Thank
you all so much for your testimony.
All right. Just a couple of questions, really, but let me
just first say I understand that this is a business with you
all, but I think my colleague, Mr. Butterfield, said it best:
``It is critical to our democracy, and your equipment is
purchased with taxpayer dollars.'' So there are some things
that we do expect, and there is some information that we expect
you to give us.
So, as I say that, let me just also say that I'm from
Cuyahoga County, Ohio. We have ES&S machines, but in the State
of Ohio, we have 13 different voting systems. And so, when we
talk about ensuring the security of our systems, what we find
is that we probably need more trained examiners because we have
so many different systems. So let me first ask, do you support
increasing the number of testing labs so that we can test
voting equipment examiners?
Mr. Burt. Yes, we do.
Ms. Fudge. Okay.
Mr. Poulos. Absolutely.
Ms. Mathis. Yes.
Ms. Fudge. Secondly, it's my understanding that the testing
standards that we currently use date back as far as 2005. We're
in 2020, but we're using standards. And so what we have done is
basically said to the Windows people: You determine what the
upgrades in security should be because you're dancing to their
tune, not to the EAC.
Is that how you see it as well?
Mr. Burt. Congresswoman, I think there is certainly an
opportunity to update the voting systems standards and actually
to broaden the program to include more security specific
testing. That's what we would like to see.
Ms. Fudge. Everybody.
Mr. Poulos. I'm sorry, Congresswoman. I don't understand
the question.
Ms. Fudge. Well, you're doing upgrades to your systems on a
regular basis, not based upon what we think is a security issue
but what Windows is telling you you need to do because that's
the operating system.
Mr. Poulos. Both--both is true, actually. So we are
regularly innovating new features that are--that come from
local jurisdictions and State officials based on evolving
threats and evolving state of the art of the technology. In
addition, we do use Windows and Microsoft products that do have
their own patches. That's not core to the tabulation product as
well. We do not have off-the-shelf Windows.
Ms. Fudge. I'm not suggesting that.
Mr. Poulos. Okay.
Ms. Fudge. What I'm suggesting is that when you do--when
Microsoft calls you and tells you ``you need to do this
upgrade,'' you do it.
Mr. Poulos. We implement it. We test it. We submit it for
certification. We do not implement it, for example, in a county
in Ohio until it is tested.
Ms. Fudge. I'm not suggesting that you don't test it.
Mr. Poulos. Okay.
Ms. Fudge. My point is that you don't do it based upon what
we believe is a security issue; you do it upon what Microsoft
believes is one.
Mr. Poulos. Right. I--okay.
Ms. Fudge. You don't have to defend Microsoft. I'm not
trying to do anything to Microsoft. I'm just making the point
that we need to be more involved in the process.
Mr. Poulos. No, that's true. That's true.
Ms. Fudge. Okay. Will all of you commit today to allowing
researchers to test your products without prescreening or hand-
picking those researchers to do it?
Mr. Burt. Congresswoman, we're not interested in hand-
picking. What we're interested in is making sure that we
attract hackers who can make our systems better without
requiring that the information that they discover be put into
the public domain. So what we'd like to see is for the EAC to
actually manage a coordinated vulnerability disclosure program
and have the EAC choose the researchers and assemble the team
and manage the program. We think that's----
Ms. Fudge. So that's a yes?
Mr. Burt. Yes. We would like to see the EAC manage that
program.
Ms. Fudge. The only reason I'm cutting you off, I have five
minutes.
Mr. Burt. Sure. Understood.
Ms. Fudge. I ask each of you. What do you do to ensure that
your subcontractors and manufacturers follow best practices on
cybersecurity? Mr. Butterfield already asked you about your
background checks. If you could answer the first part of the
question.
Mr. Poulos. Well, in our case, for example, our lead
manufacturer manufactures products for the Department of
Defense and has accreditations under ISO, and so we look for
that as a prerequisite to doing business with that
manufacturer.
Ms. Mathis. Very similar, yes. We look at ISO standards. We
also have deep quality reviews and ensure that we're managing
our suppliers very, very closely.
Ms. Fudge. Very good. I work for the Federal Government
too. I don't trust everybody else that works for the Federal
Government. So I want to be sure that you're looking at them,
not just hiring them because they work for the Federal
Government.
Mr. Poulos. Fair enough.
Ms. Fudge. I yield back, Madam Chairperson.
The Chairperson. The gentlelady yields back.
The gentleman from California, Mr. Aguilar, is recognized
for five minutes.
Mr. Aguilar. Thank you, Madam Chairperson. I wanted to talk
a little bit about products and defects, and we can go down the
line. Mr. Burt, if you'll indulge me by starting. Do you have
built-in systems and practices that look for--specifically look
for defects along the way? And can you describe the evolution
of how long it takes to find a defect, create a solution, and
then implement that solution?
Mr. Burt. We do have built-in systems ranging from various
source code reviews to penetration testing to functional
testing. In the event--if a system has been fielded, been
approved by the EAC and delivered to a State and has been
fielded, and there's a--there's a functionality--piece of the
functionality that we want to change, that process to make the
change currently--have to go through the Federal testing
program and redeploy to the State--can be six months to a year
depending on the scope and depth of the changes being made.
Mr. Aguilar. Do you inform the customer when that happens--
--
Mr. Burt. Yes.
Mr. Aguilar [continuing]. If a defect or something--are
they under an obligation to pay for a fix?
Mr. Burt. No. No. In those cases, those are covered under
licenses, and we make the changes and roll them back out to the
customer.
Ms. Aguilar. Mr. Poulos.
Mr. Poulos. Similar with Dominion. We comprehensively do
situational testing on all of our products, and that is an
ongoing thing in the company on all current products. Any issue
that we find is immediately disclosed. That's actually
regulated in some States such as your home State within a very
specific time period, depending on the severity of the issue.
Mr. Aguilar. And then, per the license, they would--you
would----
Mr. Poulos. It would not be an extra charge, no.
Ms. Mathis. Very similar. We disclose any of those types of
critical election day type malfunctions to the EAC. So that's
all--that's all regulated right now.
Mr. Aguilar. Great. I appreciate it. Shifting gears to--you
talked about the Idaho National Lab and some of the DHS testing
work that you've done. With respect specifically to
cyberattacks, and we all understand the stakes here and what's
involved, as do you. Can you talk specifically about how you
work with the Federal Government when cyberattacks potentially
occur? Do you report those potential intrusions to your
customers or to the Federal Government? And do you believe you
have an obligation to provide timely notification to customers
when a security breach of that product or your company happens?
Mr. Burt.
Mr. Burt. We do. We have--we share information with the MS-
ISAC and the EI-ISAC. So we don't, for example, share that a
specific IP address has been identified as an attempt to
penetrate a firewall. Of course, that happens thousands of
times a day from all over the world. So that sort of
information isn't useful. But through the coordination with DHS
and the MS-ISAC, they help us to identify and understand sort
of potential attacks that might be exceptionally dangerous.
Mr. Aguilar. What would that look like? In the last 60
days. How many times would you notify a customer or the----
Mr. Burt. We don't notify customers of the MS-ISAC, but
many of the customers participate and receive the same
information, so it's sort of--it's not specific to our
business. It's commentary about what's going on around the
country.
Mr. Aguilar. So there's no way for a customer to know that
there was a potential breach? I'm not talking about a ping at
an IP address. I'm talking about a breach and a potential
intrusion into your system.
Mr. Poulos. We've had no breaches to report.
Mr. Aguilar. What's that dialogue like with DHS, with any
Federal entity through your systems? How often is that----
Mr. Burt. There is a process if a breach were to occur. DHS
has issued guidelines in terms of the communication. We
practice those through national tabletop exercises. We actually
have the Department of Homeland Security travel to Omaha to
conduct a tabletop exercise on premise so that we can
essentially practice in the event that a breach did occur to
make sure that we would be in position to communicate it
effectively.
Mr. Aguilar. Mr. Poulos.
Mr. Poulos. Very similar, Congressman. We have not had any
potential breaches. So we actually haven't reported anything to
a customer. But our policy is absolutely that we would
immediately communicate any potential breach to a customer.
Mr. Aguilar. Ms. Mathis.
Ms. Mathis. Very similar. We have not had any breaches, but
we've created a very robust incident response plan that has
been updated to include disclosures and notification all
directions--DHS, the customer--to ensure that we've got the
appropriate communications.
Mr. Aguilar. At what level would you, Ms. Mathis, would you
flag for DHS? I understand that all of you are saying, you
know, you haven't been breached.
Ms. Mathis. Right.
Mr. Aguilar. But at what level--there's a difference
between being breached----
Ms. Mathis. Right.
Mr. Aguilar [continuing]. And being pinged by an IP
address----
Ms. Mathis. Right.
Mr. Aguilar [continuing]. In a foreign country.
Ms. Mathis. Right.
Mr. Aguilar. Give me--talk with me about that spectrum of
intrusion on the cyber side.
Ms. Mathis. Right. Well, we actually are erring on the side
of, if anything, too much disclosure, if there is such a thing.
We actually had an example where a customer contacted us with a
potential breach, and we actually contacted the DHS and let
them know of this whole situation. So it was not a breach. And,
actually, it turned out that that particular county was
exercising a test, and so it actually--the whole process
worked. We did not know that, and so it was--we were happy to
communicate that to DHS.
Mr. Aguilar. Thank you, Ms. Mathis.
Thank you, Madam Chairperson.
The Chairperson. The gentleman's time has expired.
As I mentioned earlier, we will have a second round of
questions, and I will begin.
In answer to a question from Mr. Butterfield, Mr. Burt
testified under oath that they do not currently have voting
systems in the United States with remote access software
installed, if I heard you correctly.
Mr. Burt. That is our belief, that none of the systems in
use today----
The Chairperson. Would that be true for the other two
vendors?
Mr. Poulos. Yes.
Ms. Mathis. We have never had remote access.
The Chairperson. Okay. Let me ask you this. Do you sell
voting machines that have network capabilities installed?
Mr. Burt. Can you be more specific, Madam Chairperson?
The Chairperson. Yes. You don't have the software
installed, but you have the capability of installing it.
Mr. Burt. For remote access software?
The Chairperson. Yes.
Mr. Burt. We do not--we no longer install any remote access
software. That process was discontinued in 2006 and is not
allowed by any of the EAC testing.
The Chairperson. Mr. Poulos.
Mr. Poulos. Madam Chairperson, we've never had any kind of
remote access in our Dominion products.
The Chairperson. Capabilities.
Mr. Poulos. Capabilities.
The Chairperson. Okay.
Mr. Poulos. I will say that I do want to draw a caveat.
Some of our tabulators have the--are designed around the
ability to have an external plug in modem to transmit
unofficial results after polls close.
The Chairperson. Okay.
Ms. Mathis.
Ms. Mathis. We do not have remote access capabilities, as
you mentioned. So, similar to Mr. Poulos, we have, as required
by certain States, a remote transmission capability as an add-
on.
The Chairperson. So that's something that we may want to
look at further.
I want to talk about remote ballot marking devices. Some
experts in election security have raised concerns to me about
the risk of these devices that store information about the
choice a voter has made in a nontransparent format, for
example, a bar code or a QR code, so that when the voter
doesn't actually--he may be checking something, but it's not
what actually is going to be tabulated. Do you provide that
equipment that does it in that way, any of you?
Mr. Poulos. Yes.
Mr. Burt. We do, yes.
Ms. Mathis. We do not, actually. Our--our technology for
our Verity Duo product actually captures--does not put any
voter choice in a bar code. We have optical character
recognition----
The Chairperson. Okay.
Ms. Mathis [continuing]. Technology.
The Chairperson. I have a question. For over a decade, my
smartphone has had the capability to prevent unauthorized,
unsigned code from running on the device or interfering with
its operating systems. Do all of your election systems
currently in use prevent unauthorized code or altering--altered
operating systems from running on them in this way?
Mr. Burt. They do, Madam Chairperson. I'll give you one
example. The memory stick that we purchased from a U.S.
manufacturer, our election management system won't even operate
unless they know that it's a particular serialized number
memory stick. So, if you bought a memory stick from an Office
Depot, it wouldn't recognize, it and the system would shut
down.
The Chairperson. How about you, Mr. Poulos?
Mr. Poulos. Similar. All of our Dominion products that are
certified are the same. The exception that I will point out to
the Committee is we do support some legacy systems that are
still in use that were designed in the remaining cases over 20
years ago that do not have this capability.
Ms. Mathis. Our Verity product line actually incorporates a
feature called white listing which actually only allows the
programs that we permit with our Verity design, so it actually
blocks everything except for those. So it's the opposite of
blacklisting. So it has actually even more secure.
The Chairperson. I'd like to follow up with you, Mr. Burt,
because from the previous testimony, your company is the only
one that provides election infrastructure that is not just the
voting machines itself. You have indicated your interest or
suggestion that the EAC have greater jurisdiction over voter
registration, election management systems, electronic poll
books, and the like. I'd like to know that even without that
jurisdiction, what are you doing right now to ensure that these
products are safe, secure, up to date, and utilize current
technology best practices?
Mr. Burt. Thank you, Madam Chairperson. With respect to the
poll books, all of the data is encrypted on the poll books.
With respect to the voter registration systems which I think is
more commonly a question for folks, we've recently worked with
the Center for Internet Security to install Albert sensors
which is a national monitoring system, and we've wrapped this
around our voter registration systems that we--that we house.
So, for example, Ranking Member Davis, the example that you
brought up related to Illinois going back to the 2016 election,
that's the kind of activity that an Albert sensor is meant to
detect and prevent with respect to a voter registration system.
The Chairperson. Thank you very much. I see that my time
has expired. So I will turn to the Ranking Member for his
additional five minutes.
Mr. Davis of Illinois. Thank you, Madam Chairperson.
And thanks again to the witnesses. I think all of our
colleagues on both sides of the aisle have the same interest.
We want to protect our elections. We want to make sure that all
machines that are used to tabulate our free and fair elections
are up to the task. So thank you, each of you, for being here
today. I know some of the questions can be uncomfortable. I
know there's been a lot of talk about supply chain issues. Yes
or no questions. We'll start with you this time and go that
way, Ms. Mathis. Is it currently possible to build an election
machine entirely out of U.S. manufactured parts?
Ms. Mathis. I don't believe that it is possible today.
Mr. Davis of Illinois. Okay.
Mr. Poulos.
Mr. Poulos. Not to my knowledge.
Mr. Davis of Illinois. Mr. Burt.
Mr. Burt. I do not believe it's possible.
Mr. Davis of Illinois. Do you see why that concerns all of
us up here?
Ms. Mathis. Absolutely.
Mr. Burt. Absolutely.
Mr. Davis of Illinois. Are the parts in your supply chain,
Ms. Mathis, that come from abroad also used in other
industries?
Ms. Mathis. Yes, they are.
Mr. Davis of Illinois. Okay.
Mr. Poulos.
Mr. Poulos. Yes, they are.
Mr. Davis of Illinois. Mr. Burt.
Mr. Burt. They are. They're used in a variety. Probably
some of them are present in the room today in the various
equipment that you see around the room.
Mr. Davis of Illinois. Like?
Mr. Burt. We see cameras. We see a variety of electronics.
We see switches. There's almost nothing that we interact with
from an electronics point of view. Of course, your phone. Thank
you. That have parts that are made overseas and distributed to
a variety of manufacturers.
Mr. Davis of Illinois. So it's the critical components of
your election machines that we're all concerned about. And
you've testified earlier because we have a global supply chain,
you're not able to--you're not able to comprehend a machine
that can be built right now with completely U.S. parts. So tell
me, tell us, make us feel comfortable here in this country that
your machines with the critical components are U.S.
manufactured or they're going to be able to not be compromised.
Ms. Mathis.
Ms. Mathis. I believe that that is an ongoing challenge
that we all have, and we're open to getting feedback from--as
we mentioned earlier, from DHS to help us understand what our
capabilities and opportunities might be to source alternatives.
Mr. Davis of Illinois. Mr. Poulos.
Mr. Poulos. That's been an ongoing discussion at the EAC in
terms of the next generation of standards on how they address
in the guidelines that we would follow to those practices.
Mr. Davis of Illinois. Mr. Burt.
Mr. Burt. Again, I think this is an opportunity for the
voting system vendors to partner better with the Federal
Government. Surely, there is deep talent and expertise in the
Federal Government that could be brought to bear on the supply
chain management and the voting system industry. We would
welcome that dialogue and assistance.
Mr. Davis of Illinois. We look forward to working with you
in that field.
Earlier, it was mentioned about the campaign contributions
and lobbying activities. Mr. Burt, you mentioned that ES&S does
not make campaign contributions at the Federal level, right?
Mr. Burt. We actually have a policy that every one of our
employees, vice president and above, as well as anyone engaged
in sales and marketing activities are strictly prohibited from
making district campaign contributions.
Mr. Davis of Illinois. Okay.
Mr. Poulos, do you--are you able to make campaign
contributions in your company?
Mr. Poulos. We had a policy that all employees were not
able to make any campaign contributions.
Mr. Davis of Illinois. All right.
Ms. Mathis.
Ms. Mathis. Similar.
Mr. Davis of Illinois. Similar. Are you guys all
corporations?
Mr. Burt. Yes.
Mr. Poulos. Yes.
Mr. Davis of Illinois. Registered corporations in the
United States?
Okay. Well, it's nice to see that we have a lot of
agreement here amongst Republicans and Democrats in regard to
election security. I find it interesting during the first round
of questions Chairperson Lofgren talked about some of the areas
where you all agree that the Federal Government needs to work
with you. She mentioned a robust bill sitting in the Senate.
Well, here is the problem with the top-down approach from
Washington when it comes to our own election infrastructure
process. That robust bill sitting in the Senate may force you
as corporations to actually give campaign contributions to
Members of Congress because, in that robust bill, there's a
provision that would take corporate funds from corporate
malfeasance which, I would argue, you would be eligible for
with election infrastructure if something went wrong, and it
would go into a Freedom from Influence Fund that was concocted
by the Majority, and that would force the first ever corporate
dollars into congressional campaigns. So my point of bringing
this up is you don't allow campaign contributions now by any of
your employees because you don't want that to affect anyone
who's in charge of running free and fair elections in this
country, right?
Mr. Burt. Correct.
Ms. Mathis. Correct.
Mr. Poulos. Correct.
Mr. Davis of Illinois. Why in the world would this
institution at the Federal level in turn possibly require you
and require any corporation to give the first ever corporate
dollars to individual Members of Congress' campaigns? That's
why, when we talk about robust bills, we all have the same
goals, but let's not kid ourselves in thinking that there are
provisions in bills that are going to always benefit free and
fair elections rather than benefiting individual members of
Congress.
I yield back.
The Chairperson. The gentleman yields back.
I just--before yielding to Mr. Raskin, obviously,
everyone's entitled to their own opinion, but the matter
referenced is a fine collected by the Federal Government, which
would then be put into a fund, not a contribution from
corporations.
I yield to the gentleman from Maryland for five minutes.
Mr. Raskin. Madam Chairperson, thank you very much. Let me
pursue the line of questioning by my friend from Illinois, and
I asked those questions originally about lobbying and campaign
contributions and so on. I just saw this report from ProPublica
which says, in August 2018, Louisiana announced it would
replace its old voting machines and awarded a $95 million
contract to a rival of ES&S which was the lowest bidder. ES&S
filed a complaint that accused the State of writing its request
for proposals so that only the other companies' machines would
satisfy the terms. Shortly after, Governor John Bell Edwards
cancelled the deal, effectively siding with ES&S and forcing
the State to start the process over again. Quote: ``The
Governor's administration just sided with the company that was
$40 million more expensive,'' Louisiana Secretary of State Kyle
Ardoin said in a statement after the cancellation. In a
statement, the Governor's office said the cancellation was
justified. The office laid the blame at the feet of the
Secretary of State's office, which it said had added additional
requirements to the bid just days before responses were due.
Louisiana campaign finance records showed that an ES&S lobbyist
in Baton Rouge had donated $13,250 to Edwards' campaigns since
2014.
I noted, Mr. Burt, you said that you have a ban on campaign
contributions by the top-level officials in your company. Is
that right?
Mr. Burt. Correct.
Mr. Raskin. But it doesn't go all the way down, and it
doesn't apply to lobbyists that you would employ in the various
States. Is that right?
Mr. Burt. It does not apply to lobbyists, yes.
Mr. Raskin. So what's your specific practice, Mr. Poulos?
None of your employees can make----
Mr. Poulos. Correct.
Mr. Raskin [continuing]. Contributions at any level? And
Ms. Mathis, how about you?
Ms. Mathis. Correct.
Mr. Raskin. I wonder if one of you would be interested in
opining about why you have that practice and whether you think
that should be in Federal law for all of the reasons that were,
you know, suggested by my colleague about the importance of
keeping election administration completely separate. I mean,
you know, we've got two dangers here. One is paranoia where,
you know, we have politicians running around saying it's all
fraud, right. The other is complacency where we don't pay
sufficient attention. But can you explain what the basis of
that policy is that you have, Mr. Poulos, for example?
Mr. Poulos. Sure. The basis is very clear. We want as a
company and our stakeholders to be completely independent of
the election officials that are making selections in terms of
what's best for their State and localities. Congressman, in
your example of Louisiana, Louisiana happens to be a State that
currently has legacy voting systems of the type that is being
discussed at this Committee level, and they were seeking to
update with more modern certified systems, and, unfortunately,
that's been delayed.
Mr. Raskin. I assume you mean by virtue of the change in
the vendor.
Mr. Poulos. There was no change. There was just--because of
that process, it was all delayed, and as a result, they're
using the legacy voting systems in the 2020 election.
Mr. Raskin. Gotcha.
Ms. Mathis.
Ms. Mathis. I'm sorry. What is the question?
Mr. Raskin. Well, I guess the question is what's the basis
of your policy of not--of preventing all employees, and I don't
know if it extends to consultants.
Ms. Mathis. It's just important for to us ensure that we
are objective and independent in all elections. We don't run
elections. Local election officials run elections, so we're not
engaged in the running of the election, but it's just important
for us to ensure that we're staying objective and independent.
Mr. Raskin. I remember that there was a big controversy
about the company Diebold, and I think one of your companies
took over Diebold. Was that ES&S?
Mr. Burt. A little complicated, Congressman.
Mr. Raskin. Oh, okay.
Mr. Burt. We made a purchase, and then my colleague, Mr.
Poulos here, ended up buying the intellectual property of that.
Mr. Raskin. Okay. So both of you got a piece of it. But I
remember that they were actually politically involved, and I
think it was the President who had sent out a campaign
solicitation saying that they would do anything to see that one
candidate got elected President at a time when their machinery
was being used in different States. And that obviously creates
a serious problem from the standpoint of public confidence in
the integrity of the election.
So all of this makes me think that it might be a good idea
for us to formalize and to make comprehensive the practice that
you seem to be moving towards which is that your job is to sell
the technology, to make it as secure as possible, and not to be
involved in the political process.
I'm just wondering, finally, about why it seems that
technology goes so wrong sometimes. In Georgia, ES&S owned
technology was used where more than 150,000 voters inexplicably
did not cast a vote for Lieutenant Governor, and then there
were not paper backups. Why does that happen? Because that is
one of the problems we have, that there are huge problems like
this that take place on the one day or two days a year that the
machinery has got work, and then it really undermines public
confidence in the whole system.
Mr. Burt. Congressman, the equipment that you speak about
is actually not ES&S equipment. The company Diebold that went
out of business that you spoke of a second ago----
Mr. Raskin. Oh, I see. Okay.
Mr. Poulos [continuing]. Is actually the manufacturer of
that equipment.
Mr. Raskin. All right. But in general, I think there were
some other cases where that's happened as well. I mean, can you
explain? Why does that happen? It only has to work once a year,
once every two years, and then it breaks down. So I wonder if
maybe one person could answer?
I yield back.
Mr. Poulos. Thank you for the question, Congressman. So the
equipment that you are referencing was a legacy voting system
originally sold to the State of Georgia by Diebold who is no
longer in the elections business. But it is the type of voting
machine that does not feature any kind of voter verified paper
audit trail. So, in the event of something happening in an
election, and that's not the only instance, by the way, where
something plausible--or sorry--something possible but not
plausible happens, it's difficult to have an audit for that if
there's not any kind of paper record.
The Chairperson. The gentleman's time has expired.
I turn now to the gentleman from North Carolina, Mr. Walker
for five minutes.
Mr. Walker. Thank you, Madam Chairperson. Just a quick
purpose of my colleague, Mr. Davis, talking about H.R. 1. A
quick question along those lines. I'm assuming if you were
fined by the Federal Government, those would be corporate
dollars, and you would pay those fines. It makes me think of
the great philosopher Yogi Berra who said, ``They give you
cash, which is just as good as money.'' We will leave that for
a different day.
My question is: We're Federal elected officials. You guys
are the experts in this industry, and I applaud you for the in-
depth testimonies that you've given today. Obviously, this is
not just talking points; you know the stuff here. As I look
into the future, and I want all three of you to kind of touch
base on this. Where do you see the technology of election
systems headed 5, 10, 15, 20 years down the road because,
obviously, as the ranking member on another committee when it
comes to intelligence and specifically even terroristic
cybersecurity acts. So, as technology advances, where do you
guys see the adaptations that need to be made over that
distance of time? I'm going to start with Ms. Mathis and work
right to left today.
Ms. Mathis. Sure. I mean, unlike other industries in the--
other technology industries, the direction seems to be more
back to paper. That wasn't the case a few years ago, and now
the election industry actually has moved that way to more paper
which is interesting from a technology perspective. I feel like
that that will continue to evolve as preferences of local
election officials evolve and as security continues to evolve.
So I think that the answer is it will evolve.
Mr. Walker. Right.
Mr. Poulos.
Mr. Poulos. I look at it them three ways: in technology,
people, and process. On the first, on technology, I see evolved
standards on security and how the technology comes to be in
terms of manufacturing and supply chain. In terms of people and
process, I think that I would like to see, I should say,
further programs and continued work at the Federal and State
level in terms of better eliminating barriers that
jurisdictions have in modernizing their election infrastructure
and things like poll worker training.
Mr. Walker. Okay.
Mr. Burt.
Mr. Burt. I agree with Mr. Poulos' comments on security,
and it highlights the fact that the burden on election
administrators across the country from a technical capability
perspective grows even greater. So I think the challenge for
election administrators to be able to staff their respective
offices with people who are competent in these fields will be
an ever greater challenge going forward.
Mr. Walker. Thank you very much. I yield the balance of my
time to the Ranking Member.
Mr. Davis of Illinois. Thank you. And I want to get back to
the supply chain issue real quick because it concerns me. Have
any of you had conversations with your U.S. suppliers of
electronic products that go into your machines just like our
TVs, our phones, and what have you? Have you talked to those
suppliers you work with that may outsource some of their
manufacturing to foreign countries? Have you talked to them
about trying to develop a U.S.-made chip or electronic LCD
product even though they may be a U.S. company?
Mr. Burt. We have, Ranking Member, but the challenge is--
and I believe this is true for all of us. We are not a large
customer to any of these major manufacturers, so take Texas
Instruments, for example, which makes one of our programmable
logic devices. We are a very, very small part of their
business. So for them to retool their international operations
for our benefit is just not realistic.
Mr. Davis of Illinois. Mr. Poulos.
Mr. Poulos. That's a hundred percent correct, and the
infrastructure needed is--the change of infrastructure to be
able to create all of the fabs and necessary manufacturing for
100 percent components being manufactured in the United States
is not a small effort.
Mr. Davis of Illinois. Ms. Mathis.
Ms. Mathis. It will take a whole sea change in the way that
the global supply change works in the technology industry, I
think, for that--for us to be able to take advantage of that.
Mr. Davis of Illinois. Okay. Now, I asked if you were all
corporations. Will you tell me, yes or no. Are you--any of you
run by private holding companies, private equity companies?
Mr. Burt. We are run by our executive management team, but
we have 80 percent ownership by a local private investment
group.
Mr. Davis of Illinois. How about you?
Mr. Poulos. Similar. We are run by a management team, and
we are owned, I believe, 76 percent by a U.S. private equity
firm.
Mr. Davis of Illinois. All right.
Ms. Mathis.
Ms. Mathis. Similar structure.
Mr. Davis of Illinois. Okay. Do you see why that's
concerning to us on both sides of the aisle on election
security? That's something that I think--obviously are going to
be questions raised by both Republicans and Democrats in the
future. Look, I appreciate you all being here. I appreciate you
taking the time. We have the exact same interests on all sides
here in Washington. We want to protect our elections. We want
to make sure your machines are unhackable, and let's continue
to work together to make that happen.
I yield back.
The Chairperson. The gentleman yields back. The gentlelady
from California, Mrs. Davis, is recognized for five minutes.
Mrs. Davis of California. Thank you, Madam Chairperson, and
thank you to all of you for being here. I'm sorry I had to walk
out during the panel for another hearing, but I think many of
the questions have been asked.
I wanted to focus for a moment just on voter education and
the responsibility, if anyyou all have, you know, through the
companies. And also if you want to comment, Ms. Mathis. You
know, what is that responsibility? Do you work with election
officials? We were talking about some ballots that were
misread, you know. How do we deal with that? You mentioned
Diebold. That was related--that was related--that was what they
did at that particular time, but we also know that sometimes
ballots are just not constructed in a way that people actually
see where they should go, you know, as they share their
stories. So how--you know, what are we doing really to make
sure that people are registered correctly, that they can check
their votes, make sure that they, you know, voted the way that
they want to? Often people are pressured by long lines. How can
you help? What are you doing to really address these issues?
And I know the second panel is also speaking to voter
education.
Ms. Mathis. We believe very strongly with a partnership
with our local election officials, and so that extends to voter
outreach, voter training, poll worker training. We work with
our local election officials to ensure that they have best
practices, that we provide them materials, you know, handouts.
We also--we have webinars where we'll train the local election
officials to provide additional media.
Mrs. Davis of California. Can you think of an instance when
you've actually picked up a problem, and they've corrected it?
Ms. Mathis. If they what?
Mrs. Davis of California. That you picked up a problem,
pointed out something to them that could be an issue and that
they changed it.
Ms. Mathis. Yes. We have the benefit of best practices. We
have, you know, customers all over the Nation. We'll provide to
them: You know, hey, here is what we've seen in other
jurisdictions that's worked really well. So this is an ongoing
partnership, and you know, our customers, our local election
officials rate us very highly. It's just an ongoing, you know,
lifelong partnership with them. We absolutely are part of that
solution.
Mr. Poulos. Congressman, what we hear from our customers
and what they value is the shared perspective of best practices
from our experience around the country with experience that
they at that local jurisdiction may not have seen, particularly
as it pertains to the deployment of new equipment. Voter
outreach and poll worker training is exceedingly important.
We've been asked questions about can we build an un-
hackable voting system? And, really, you can have a very
secure, reliable, accurate system that's transparent, but
again, you have to understand the people and processes layered
on top of that and pose additional risks. This is something
that voting officials have known for decades. That's why we
have poll watchers. It's why warehouses are bipartisan, and
boards of election are bipartisan. The poll worker training and
the train the trainer is something that is exceedingly
important in the ongoing vigilance of the migrating threats
that we see.
Mr. Burt. Congresswoman, you mentioned the importance of
voter education. We agree. For some, unfortunately, interacting
with a piece of technology such as a touch screen or even a
voting machine can be somewhat intimidating, and we don't ever
want that to be a reason that someone would choose to not go
and vote. So starting with making sure that our customers
understand at a very deep level how these machines operate and
then assisting them, going out in the public. For example, with
the city of Philadelphia, we made our machines available in
many public squares and invited citizens prior, months in
advance of the first election where this equipment would be
used so that people could kind of remove the intimidation
factor from interacting with a new piece of equipment and make
sure that they are comfortable so that they would be encouraged
to be able to come out and exercise their right to vote.
Mrs. Davis of California. Thank you. I certainly hope we
don't hear about some of those horror stories that have
occurred from time to time, and it's not all your
responsibility, of course, but where you can help I think is
helpful.
In the interest of transparency, could you share just this
quickly how much of your annual profits, and if you could tell
us, you know, what are your annual profits? How much of that
money comes from sales of new voting machines, and how much of
it comes from service contracts for existing machines?
Mr. Burt. Congresswoman, that varies very substantially
from year to year. There are years or there have been years,
even recent years where we've sold very minimal amounts of
hardware. And, of course, last year in the recent run up in
preparation for 2020, I believe all three of our companies sold
a disproportionate amount of hardware because of the actions
that jurisdictions were taking. But there is no--unfortunately,
I wish there were. There is no even or normal in terms of the
mix between hardware and services in this industry.
Mrs. Davis of California. Annual profits? I think my time
is up.
Mr. Burt. Congresswoman, we're a private company, so we'll
keep that information private.
Mrs. Davis of California. Madam Chairperson, if you want
to--does that really represent kind of where you're at as well
in terms of----
Mr. Poulos. Correct.
Mrs. Davis of California. All right. Thank you. Thank you,
Madam Chairperson.
The Chairperson. The gentleman from North Carolina is
recognized for five minutes.
Mr. Butterfield. Thank you, Madam Chairperson.
Madam Chairperson, the first round went very quickly, and I
was unable to ask my final question, and so let me pose it at
this time. To all three of you, do your tabulators have
wireless modems capacity?
Mr. Burt.
Mr. Burt. We do field some tabulators with wireless modem
capability, yes.
Mr. Butterfield. Do you have any concerns about whether or
not that poses any security threats?
Mr. Burt. I think that there's always a concern. That's
something that we've discussed with our--with our technology
partners and our government partners. We recently assisted with
the State of Rhode Island to test a new service where Verizon
has a private network that does not travel on the normal
internet highway. It's blocked by firewalls on either side.
They involved their--their National Guard in these tests and
determine that these systems were, in fact, very low risk and
that they wanted to continue using them.
Mr. Butterfield. Does Dominion use wireless modems?
Mr. Poulos. Yes, Congressman. So, in relation to the
precinct level machines, we use them insofar as a State has a
regulation and requirements to report unofficial results
remotely. And the way we do it, so to answer your question on--
in terms of a concern, there are additional risks that are
posed when you have remote transmission of results. We work to
mitigate them with State and local officials. All of our modems
have--work on a private network.
Mr. Butterfield. Ms. Mathis, do you have modems as well?
Ms. Mathis. Yes. We do similar.
Mr. Butterfield. I'm going to run out of time this time
around. Finally, the Ranking Member raised a few minutes ago
our concerns, our bipartisan concerns about private equity.
Would you be willing to submit to--each one of you to submit in
writing after this hearing a list of all individuals and
entities with at least a 50 percent or more--5 percent or more
ownership? They said 80 and 76. So I thought I would raise it
to 50. Let's say 5 percent or more ownership or controlled
interest in your company including private equity.
Mr. Poulos. Congressman, we regularly make that exact
disclosure to our customers.
Mr. Butterfield. But it is 80 percent.
Mr. Poulos. Oh. It's 5 percent, anything over 5 percent. We
actually answer all questions to our customers.
Mr. Butterfield. Didn't you say earlier that 80 percent of
your ownership is with----
Mr. Poulos. Ours is--I think it's 76, yeah.
Mr. Butterfield. Someone said 80 percent? All right. You
are not in a position to provide a list of those investors?
Mr. Poulos. Oh, no. We are.
Mr. Butterfield. All right. All right. it's part of the
public record currently.
Mr. Poulos. I don't know if jurisdictions publish it, but
we're certainly not adverse to it.
Mr. Butterfield. If you give it to the customers, then you
can certainly give it to this Committee.
Mr. Poulos. Of course.
Mr. Butterfield. Would you do that?
Mr. Poulos. Of course.
Mr. Burt. Congressman, just to clarify, I believe your
question was to disclose anyone who owned 5 percent or more of
the business. And my answer is, yes, we will supply that, and
we have actually supplied that information to your State of
North Carolina.
Mr. Butterfield. All right.
And Ms. Mathis.
Ms. Mathis. Yes. Same feedback. So, as far as greater than
5 percent, we have provided that.
Mr. Butterfield. All right. Thank you. I yield back.
The Chairperson. The gentleman from North Carolina yields
back.
The gentlelady from Ohio is recognized for five minutes.
Ms. Fudge. Thank you. Again, thank you for being here. I
really don't have a question for them. I just have a comment,
Madam Chairperson. I'm glad that we agree on the fact that
persons who work in your particular companies and in your field
should not be making contributions to Members of Congress, but
I'm always amused by how we change positions from day to day.
One day my colleagues say: Corporations are people, my friend,
you know, and they should be able to make contributions.
So I don't know why you shouldn't be able to.
Then they'll say: It's a First Amendment right for people
to make contributions.
They oppose campaign finance reform, and then they contort
the language of H.R. 1. I'm just always confused about where
they stand, so I appreciate your position. I think that it is
the correct position, but I don't want you to get crosswise
because corporations are people, my friend.
I yield back.
The Chairperson. The gentlelady yields back.
The gentleman from California is recognized for five
minutes.
Mr. Aguilar. Thank you, Madam Chairperson.
Just one last question to follow up on Mrs. Davis, who
asked a little bit about your company's annual profits. And I
think it's fair to say that the revenue derived by the
companies comes from--would it be fair--let me start there.
Would it be fair to say that the revenue that your companies
derive comes from those two main sources which is selling
machines and then providing services, contracts for services
related to those machines and their use. Is that fair?
Mr. Poulos. That's fair.
Mr. Burt. Yes.
Mr. Aguilar. So, if the three of you control 80 percent of
the market, my concern is what portion of your revenue do you
invest in research and development to produce better, more
secure, more cost-effective machines? Because what I don't want
to get to is a position where you three control--we have the
same hearing in 2 years, 4 years, and you control 95 percent,
and you collectively decide, well we're just going to you know,
sell a few machines, provide those contracts to those, and
we're going to kind of work with each other to make sure that
we don't innovate, you know, continue to grow.
I'm not saying that you folks do. I'm saying that, you
know, it wouldn't shock you to say--it wouldn't shock you to
hear that folks have come to Congress in the past when their
proportionate share of a business gets a little too large, and
members have concerns about where that could go.
Mr. Burt, can you talk a little bit about research and
development?
Mr. Burt. Sure. I think you raise a very important concern.
There are new entrants into our marketplace, however, and some
have been quite successful as of late. We've been presented
this question before in terms of a percentage of revenue that
we reinvest for research and development. Historically, we're
somewhere around 19 percent of revenue that gets reinvested as
research and development.
Mr. Aguilar. Mr. Poulos.
Mr. Poulos. Congressman, innovation is critical for us. We
are only as good as our--the products that we come out with and
certify. Depending on the year because of our revenue
fluctuation, it's anywhere from 20 percent as high as 35
percent.
Mr. Aguilar. Ms. Mathis.
Ms. Mathis. Yeah. Very similar on our side. Innovation is
critical to us, and as far as, you know, the--we are trusted
election partners to our local election official customers. So
it's imperative to us that we're continuing to innovate and
make sure that we're keeping up with or staying ahead of the
technology.
Mr. Aguilar. I didn't hear the percentage or the range.
Ms. Mathis. We--ours also varies just depending on kind of
the year, but----
Mr. Aguilar. I heard 19 percent. I heard 20 to 35 percent.
Ms. Mathis. Yes. We're closer to the 25 percent.
Mr. Aguilar. Okay. Thank you. I appreciate it.
Thank you, Madam Chairperson.
The Chairperson. The gentleman yields back, and that is all
of our questions for moment. However, as I mentioned in my
opening statement, we may follow up with written questions
after this hearing. If we do that, we do ask that you respond
promptly. We thank you very much for your testimony today, and
you are excused.
I'd like to call up the next panel, and maybe we can--it's
a big panel. We need to put a few more chairs up.
I would like to invite the next panel to take their seats,
and I will begin introducing this panel. First, if we can ask
the panelists to sit. It's a little crowded, but we've got some
great witnesses. First, I would like to introduce Liz Howard.
She serves as Counsel for the Brennan Center's Democracy
Program. Her work focuses on cyber security in elections. Prior
to joining the Brennan Center, Ms. Howard served as Deputy
Commissioner for the Virginia Department of Elections. During
her tenure, she coordinated many election administration
modernization products, including the decertification of all
paperless voting systems.
Dr. Matt Blaze is a researcher in the area of secure
systems, cryptography, and trust management. He is currently
the McDevitt Chair of Computer Science and Law at Georgetown
University Law Center. He is a co-founder of the DEFCON Voting
Village.
Dr. Juan E Gilbert. Dr. Gilbert is the Banks Preeminence
Chair in Human-Centered Computing and Chair of the computer and
information science and engineering department at the
University of Florida, where he leads the Human Experience
Research Lab. He was part of the committee of experts and
academics who wrote ``Securing the Vote: Protecting American
Democracy'' for the National Academy of Sciences, Engineering,
and Medicine. Dr. Gilbert also created an open-source voting
system that is used in Federal, State, and local elections.
The Reverend Dr. T. Anthony Spearman is a member of the
Guilford County Board of Elections in North Carolina. He was
elected President of the North Carolina NAACP in October 2017.
In 2016, Dr. Spearman played an important role in the voter
suppression litigation that challenged suppressive voter ID
requirements and other legislation that would suppress votes in
communities of color and other represented communities.
Commissioner Donald Palmer was confirmed to the EAC in
2019. He is a former Bipartisan Policy Center fellow where he
provided testimony to State legislatures on election
administration and voting reforms concerning election
modernization. Commissioner Palmer was appointed secretary of
the Virginia Board of Elections by former Virginia Governor Bob
McDonald in 2011, and he served as the Commonwealth's chief
election officer until 2014. He formerly served as the Florida
Department of State's director of elections, and prior to his
work in election administration, he served as a trial attorney
with the Voting Rights Section of the Department of Justice's
Civil Rights Division. He was a U.S. Navy intelligence officer
and Judge Advocate General and was awarded the Navy Meritorious
Service Medal and the Navy Commendation Medal and the Joint
Service Commendation Medal.
Finally, I'm going to turn to our Ranking Member, Mr.
Davis, to introduce Mr. Gianasi.
Mr. Davis of Illinois. Thank you, Madam Chairperson.
And, Mr. Palmer, thank you for your service in the JAG
Corps. I'd be remiss if I didn't mention Cole Felder, who is
sitting behind me, our General Counsel on this Committee, will
be leaving to join the JAG Corps just next week, so this will
be his last hearing.
So, Cole, thank you for what you've done here. Thank you
for your service-to-be for our country.
I'm really proud to announce our last witness, my home
election official, county clerk and recorder in Christian
County, Illinois, Michael Gianasi. Prior to his appointment and
election--appointed in 2017 and elected in 2018--he was also in
the private sector but was our Supervisor of Assessment, so not
necessarily the most fun job in the county courthouse to deal
with property tax assessments, but he did a great job. And I
want to tell you: Mike's here because I believe his testimony
is going to provide an interesting perspective given his
experience as a local county official who has actually
administered elections.
I've known Mike almost my entire life, probably from
playing youth sports together in the same hometown to
graduating high school together and working together as he was
a fixture at the courthouse when I was working back in
Illinois. Mike and I are good friends. Mike's a Democrat and
I'm a Republican. I know that a guy like Mike Gianasi, the only
thing he cares about when it comes to administering elections
in my home county where I vote is to get it fair, make sure
everybody has access to vote, and to ensure that there's no
problems, especially on election night. Now, I know that's the
concern of everyone. I think Mike's going to give a unique
perspective even coming from a small rural county about how
something that may be a good idea here in Washington, how it
may impact their ability to actually run that election as
efficiently and as effectively as possible. This is Mike's
first trip to D.C. too. I got to take him on a nice tour of the
Capitol last night.
So, Mike, that you enjoy the rest of your trip. I just want
to thank you for your opening testimony, and I really want to
thank you for your insight that you're going to be able to give
to this Committee, to this city, and to this country about what
it takes to run an election in places like central Illinois.
And, with that, thanks again for coming, Buddy.
I yield back.
The Chairperson. Thank you very much.
As you heard with the prior panel, each of you will be
asked to testify for five minutes, but your full written
statement will be made part of the record.
At this point, I'd like to ask each of you to stand and
raise your right hand.
[Witnesses sworn.]
The Chairperson. The record will note that each witness
responded in the affirmative.
So we will turn first to you, Ms. Howard, and we will hear
from each of the witnesses.
TESTIMONY OF LIZ HOWARD, COUNSEL, BRENNAN CENTER FOR JUSTICE,
WASHINGTON, D.C.; MATT BLAZE, PROFESSOR OF LAW, GEORGETOWN
UNIVERSITY LAW CENTER, WASHINGTON, D.C.; JUAN GILBERT, ANDREW
BANKS FAMILY PREEMINENCE ENDOWED PROFESSOR & CHAIR, UNIVERSITY
OF FLORIDA, GAINESVILLE, FLORIDA; REV. T. ANTHONY SPEARMAN,
PRESIDENT, NORTH CAROLINA NAACP, GREENSBORO, NORTH CAROLINA;
THE HONORABLE DONALD PALMER, COMMISSIONER, ELECTION ASSISTANCE
COMMISSION, SILVER SPRING, MARYLAND; AND MIKE GIANASI, COUNTY
CLERK AND RECORDER, CHRISTIAN COUNTY OF ILLINOIS, TAYLORVILLE,
ILLINOIS.
TESTIMONY OF LIZ HOWARD
Ms. Howard. Thank you. Thank you, Chairperson Lofgren,
Ranking Member Davis, and Members of the Committee for holding
this hearing and providing me with the opportunity to testify
about the ongoing efforts to secure voting systems across the
country and the challenges to this progress stemming from a
lack of vendor oversight. Today's unprecedented hearing is a
much appreciated continuation of this Committee's work to
improve the security of our Nation's election infrastructure
and an important step towards comprehensive vendor oversight to
address the significant security gaps that remain.
Today, I hope to convey three main points: First, election
vendors play a critical role in our democracy but have received
little or no congressional oversight. Second, despite this lack
of oversight, significant progress has been made in improving
election security since 2016. Third, there's still more to do
to further strengthen our election systems ahead of the 2020
election and beyond. Congress has a critical role to play in
that process, including oversight of the vendors that are so
important to the security and accuracy of our elections.
The absence of Federal oversight negatively impacts
election officials' ability to further strengthen our election
infrastructure and is felt most acutely in times of crisis, as
I know from my own experience. In 2017, roughly months before a
high-profile election, paperless voting machines used across
Virginia were publicly hacked at DEFCON, and a password for one
of these machines was publicly reported. Even though I was the
deputy commissioner of elections, I didn't know if the vendors
knew about the vulnerabilities exploited by the hackers, if the
vendors had taken any steps to address these vulnerabilities,
who owned or controlled the vendors, or if they would promptly
and fully respond to any of my questions as they are not--as
they were not then and are not now--subject to comprehensive
Federal oversight.
In no other subsector designated as critical infrastructure
are private vendors allowed to serve critical functions without
commonsense oversight. Election officials, voters, and the
public deserve answers to questions about our election system
vendors.
While the ongoing work of election officials in this
Committee has resulted in significant election security
progress across the country, these efforts are no substitute
for comprehensive oversight of the wide variety of election
vendors that play a critical role in the administration of our
elections yet are currently subject to little or no Federal
oversight or regulation. The comprehensive vendor oversight
framework we recommend applies not only to voting system
vendors but also to vendors that program and maintain those
systems that count and tally votes and build, manage, and
maintain voter registration databases and electronic poll books
that allow election officials to judge who is eligible to vote.
I was gratified to hear the CEOs of the three leading
voting machine vendors embrace these recommendations for
comprehensive reform earlier today. We hope that Congress can
move quickly to adopt these reforms but understand that it may
take a while to fully implement them. In my written testimony,
I outline the steps that we recommend Congress take in the
short term, which include oversight of the $425 million
recently allocated for election security, paying particular
attention to if the money is being spent on building robust
resiliency plans to detect and recover from successful breaches
to ensure that, regardless of whether there is a successful
attack, voters will still be able to vote and have their vote
counted accurately. In addition, I included steps that Congress
should take to protect our election infrastructure after 2020,
which include expansion of the EAC's oversight role to include
more robust monitoring and disclosure of the security practices
and ownership of election system vendors.
While the lack of vendor oversight is a significant
concern, and this Committee and election officials across the
country have much work to do before and after the 2020
election, it's important to acknowledge the progress made in
strengthening our election infrastructure, including our voting
systems, since 2016. For example, almost half of the States
using paperless voting machines in 2016 have transitioned to
now using paper-based voting systems. Congress has allocated
almost--a little bit over, actually--$800 million to bolster
election security in the States. Awareness of the risk to our
election infrastructure has increased dramatically, and
election officials across the country are implementing a
variety of measures to make our voting systems more resilient
and secure.
Thank you for your time. I look forward to your questions.
[The statement of Ms. Howard follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you very much.
Dr. Blaze, we'd love to hear from you.
TESTIMONY OF MATT BLAZE
Mr. Blaze. Thank you, Chairperson Lofgren and Ranking
Member Davis, for convening this hearing on the urgently
important topic of securing America's elections.
I come here today as a computer scientist who's spent the
better part of the last quarter-century studying election
system security.
As you are well aware, the integrity of elections across
the U.S. depends heavily on the integrity of computers and
software systems that are embedded across our election
infrastructure. Complex software lies at the heart not just of
vote-casting equipment used at polling places but also the
information systems used by local authorities to manage
everything from voter registration records to the tallying and
reporting of election results, to the creation of ballots and
so forth.
Unfortunately, much of this infrastructure has proven
dangerously vulnerable to tampering and attack and, in some
cases, in ways that cannot be easily detected or corrected
after the fact. These vulnerabilities can create practical
avenues for corrupt candidates or foreign adversaries to do
everything from cause large-scale disruption on election day to
potentially undetectably alter election outcomes in some cases.
Now, for the purpose of my testimony, it's helpful to
consider voting machines and election management infrastructure
separately. Let me begin with the voting equipment itself.
To be blunt, it's a widely recognized indisputable fact
that every piece of computerized voting equipment in use at
polling places today can be easily compromised in ways that
have the potential to disrupt election operations, compromise
firmware and software, and potentially alter vote tallies in
the absence of other safeguards.
This is partly a consequence of historically poor design
and implementation by equipment vendors, but it's ultimately a
reflection of the nature of complex software. It's simply
beyond the state of the art to build software systems that can
reliably withstand targeted attack by a determined adversary in
this kind of an environment.
The vulnerabilities are real, they're serious, and, absent
a surprising and very fundamental breakthrough in my field,
which I would welcome but I don't see coming soon, probably
inevitable.
Fortunately,--this is not all bad news--there is now
overwhelming consensus among experts on how we can conduct
reliable elections despite the inherent unreliability of the
underlying software. This requires two things.
The first is that the voting technology retain a reliable
paper record that reflects the voters' intended choices.
Fortunately, equipment that has this property exists today, and
it's, in fact, the simplest of the voting equipment available.
And I refer here to paper ballots that have been preferably
marked by hand, when possible, that are fed into an optical
scan ballot reader when the vote is cast and the original voter
ballot is retained.
But this isn't sufficient by itself, because the software
in the ballot scanners is, itself, vulnerable to tampering or
error.
The second requirement is that the election be reliably
audited to ensure that the software is reporting the correct
outcomes of each race as defined by the ballots that the voter
has marked. And there's a statistically rigorous technique
called risk-limiting audits that you've heard about that can
accomplish this effectively and quickly. But this has to be
routinely performed after every election in order to provide
meaningful assurance.
Unfortunately, only a handful of States currently conduct
these audits. And it's urgent that both of these safeguards--
paper ballots and risk-limiting audits--recognized by experts
universally as essential for election integrity, be adopted
quickly and widely throughout the Nation.
The second technology is the election management
infrastructure in use by jurisdictions. We give most of the
attention to vulnerabilities in voting machines, but that's not
the whole story. Each of the more than 5,000 jurisdictions
responsible for running elections across the Nation must
maintain a number of critical information systems that are
attractive targets for disruption by adversaries. Most
important of these are voter registration databases, the
systems that report final results and so forth.
Unfortunately, there are even fewer standards for how to
secure these systems. The administration of these systems
varies widely. And the threats against these systems are often
even more acute than the threats against individual voting
systems.
You know, just as we don't expect the local sheriff to
single-handedly defend against military ground invasions, we
shouldn't expect county election IT managers to defend against
cyber-attacks by foreign intelligence services, but that's
precisely what we've been asking them to do.
Thank you again for your attention to these important
issues. This is a vitally important topic, and I'm grateful
that you've invited me to testify.
[The statement of Mr. Blaze follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you very much, Dr. Blaze.
Dr. Gilbert.
TESTIMONY OF JUAN GILBERT
Mr. Gilbert. Chairperson Lofgren, Ranking Member Davis,
Members of the Committee, I am honored to share with you my
expertise in voting system security, accessibility, and
usability.
I have worked in elections for more than 15 years,
conducting research, developing innovative technologies, and
conducting studies with various election stakeholders.
In 2003, I created Prime III, an open-source universally
designed system. To my knowledge, Prime III is the only open-
source voting system to be used in State, Federal, and local
elections in the United States. New Hampshire adopted Prime
III, renamed it as ``One4All,'' and Butler County, Ohio, uses
it as their accessible absentee system. Furthermore, voting
machine vendors have created ballot-marking systems modeled
after Prime III.
While I am appearing today in my capacity as an expert in
voting systems, I would like to take this opportunity to share
some key recommendations from the 2018 National Academies of
Science, Engineering, and Medicine consensus report titled
``Securing the Vote: Protecting American Democracy.''
I was a member of the committee that authored the report,
but I would emphasize that any opinions expressed about the
report and its recommendations are my own and do not
necessarily represent positions of the National Academies.
``Securing the Vote'' was the result of a two-year National
Academies study conducted by experts from election
administration and policy, cybersecurity, accessibility, and
law. Over the course of the study, the committee reviewed
extensive background materials. It held five meetings where
invited experts spoke to the committee about a range of topics,
including voter registration, accessibility, voting
technologies, market impediments to technological innovation,
cybersecurity, post-election audits, and the education and
training of election workers.
The committee did not have access to classified information
but instead relied on information in the public domain,
including State and Federal Government reports, published
academic literature, testimony from congressional hearings, and
presentations to the committee.
Issues related to voting such as voter identification laws,
foreign and domestic disinformation, and other similar topics
were outside the charge of the committee and, therefore, are
not included in the report.
The Academies' report recommended that elections be
conducted using human-readable paper ballots. It said that
these ballots may be marked by hand or by machine using a
ballot-marking device and that they may be counted by hand or
by machine using an optical scanner.
The report further recommended that recounts and audits
should be conducted by human inspection of the human-readable
portion of the paper ballots and that voting machines that do
not provide the capacity for independent auditing--for example,
machines that do not produce voter-verifiable paper audit
trails--should be removed from service as soon as possible.
Currently, there's no known way to secure a digital ballot.
At this time, any election that does not employ paper ballots
cannot be secure. Therefore, the report recommended that
internet voting and specifically the electronic return of
marked ballots should not be used at this time.
The Academies' report also recommended that vendors and
election officials should be required to report any detected
efforts to probe, tamper with, or interfere with election
systems, including voter registration systems. Each State
should require a comprehensive system of post-election audits
of processes and outcomes. A detailed set of cybersecurity best
practices for State and local election officials should be
continuously developed and maintained. Congress should provide
funding to help State and local governments modernize their
election systems and improve cybersecurity capabilities.
Congress should authorize and provide funding for a major
research initiative on voting. Recommendation 7.3 of the
Academies' report says that ``Congress should authorize and
fund immediately a major initiative on voting that supports
basic, applied, and translational research relevant to the
administration, conduct, and performance of elections. This
initiative should include academic centers to foster
collaboration both across disciplines and with State and local
election officials and industry.''
This recommendation is bold, calls for research and
development that provides solutions to issues identified in the
report. I believe that a minimum of $25 million in funding over
a five -year period would be needed to establish a national
center.
As a Nation, we have the capacity to build an election
system for the future, but doing so requires focused attention
from citizens, Federal, State, and local governments, election
administrators, and innovators in academia and industry. It
also requires a commitment of appropriate resources.
Representative democracy only works if all eligible
citizens can participate in elections and be confident that
their ballots have been accurately cast, counted, and then
tabulated.
Thank you for the opportunity to be here.
[The statement of Mr. Gilbert follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you very much.
Reverend Spearman, we'd love to hear from you.
TESTIMONY OF REV. T. ANTHONY SPEARMAN
Rev. Spearman. Good afternoon, Chairperson Lofgren, Ranking
Member Davis, and Committee Members.
I am indeed honored to be here, for, unlike the previous
participants on these panels, I am neither a voting systems
vendor nor an expert. I'm an activist, one who was raised in a
household where the vote was held sacred.
I'm the president of the North Carolina State Conference of
Branches of the National Association for the Advancement of
Colored People and the only county board of elections member of
color from Guilford County, North Carolina. And while not an
expert in election security, I rely on the findings of those
scientists who are and urge my colleagues on county boards
across the Nation to do so as well. We must listen to
scientists, not vendor marketing claims.
Dr. Alex Halderman just published research and finds that
electronic ballot-marking devices do not create ballots that
can be reasonably audited, which is consistent with the
recently expanded study by Dr. Philip Stark, Dr. Richard
DeMillo, and Dr. Andrew Appel concluding that electronic
ballot-marking devices cannot be relied on to produce elections
that assure the will of the people.
Dr. Duncan Buell, along with others, has studied how voting
machines and their allocation can create lines that frustrate
and disenfranchise voters.
Let me hasten to say that I am not anti-technology, but I
agree with the scientists who argue that election security can
be compromised by placing an electronic device between a voter
and the ballot.
While the election security defenses needed to detect and
stop cyber-attacks may seem impossibly complex and
overwhelming, there's a practical, low-tech, traditional answer
to mitigating the greatest threats, assuring that any attacks
can be detected and cannot be ultimately achieved or effective.
That's where I come in. I was first elected to the Guilford
County Board of Elections in 2017 for a two-year term and
reelected in January 2019 for another two-year term. During my
first term, I was the only member of the board without a legal
degree. All I had sitting at the table with me was my activism,
passion for voters, and my experience working in elections.
Prior to my election to a seat on the Guilford County
board, my volunteerism as a precinct worker began as an
election day specialist around 2017 in Catawba County after a
growing number of members began venting their frustrations with
the voting process.
Coincidentally, this was the same year that tremendous
advances for voters occurred in the State of North Carolina.
Same-day registration began allowing voters to cast ballots
during the early-voting period, which led to an increase in
voter participation during the November 8, 2008 Presidential
election. In Catawba County, voters used hand-marked paper
ballots.
In 2014, when I was appointed to a church in Greensboro, an
opportunity to work at a precinct in Guilford County presented
itself. And there I worked as a judge and on to becoming the
chief judge, or overseer, of FEN1, one of the largest precincts
in the county.
In Guilford County, iVotronics, or direct recording
electronics, DREs, were in use. And among my growing concerns
while serving the precinct were problems that arose with the
touch-screen or iVotronic devices.
I was the overseer, chief overseer, of the sixth-highest
voter precinct in Guilford County, with 3,800 voters. As one of
my friends has convinced me, the first line of defense is the
local county bipartisan election board, like the one I sit on
in Guilford County, North Carolina. Across the Nation, they are
authorities for selecting voting systems and reviewing the
ballot tabulations before they certify the election results.
If voters, campaigns, political parties, and candidates
insist that these boards, one, select only hand-marked paper
ballots as standard equipment; two, maintain ballot chain of
custody; three, distribute an accurate paper backup pollbook to
the polls; and, four, conduct vigorous reviews of the election
returns and tabulations before certifying, cyber- attacks
cannot be successful. They can't be prevented, but the
jurisdiction can recover from them and verify the will of the
people. I'm talking first line of defense.
As a first-time witness of the process for voting machine
certification, I must admit I was highly disturbed that the
demonstration was conducted in what I viewed as an inconvenient
place, off the beaten path for most voters. As I drove to the
site, I became overwhelmed with how un-user-friendly this
location was for minorities, and, as I recall, I was the only
person of color in attendance.
But not only that, when I reviewed the agenda and saw how
the demonstration was to be conducted, with the majority of
time allotted to county board members and only a few minutes
left for the public to view systems, I immediately called the
director of elections and expressed my displeasure with the
setup. By the time I arrived, the necessary adjustments had
been made, and everyone moved through the demonstrations
together.
Elections belong to the people, and the more the people are
included in the process, the more we may gain their trust and
confidence.
Thank you for allowing me to share.
[The statement of Rev. Spearman follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you very much.
Commissioner Palmer.
TESTIMONY OF THE HONORABLE DONALD PALMER
Mr. Palmer. Good afternoon, Chairperson Lofgren, Ranking
Member Davis, and Members of the Committee. I'm thankful for
the opportunity to testify before you today on the important
work being done by the United States Election Assistance
Commission in preparation for the 2020 Federal elections.
As prescribed by the Commission's enabling legislation, the
Help America Vote Act of 2002, HAVA, the EAC is focused on
State and local election officials across the United States and
providing secure, accessible, and accurate elections. Under
that act, the EAC works to implement election reforms, assist
States in certifying voting systems, advance voting
accessibility, disburse HAVA funds, and serve as a
clearinghouse of election information and best practices in the
laboratory of States.
In pursuit of this mission, we collaborate closely with
State and local election officials, Federal partners, and
others in the election community.
I am grateful that the expert and vendor witnesses
testifying before you today have shared their insight on the
important topic of election security.
I would like to begin by thanking Congress for your recent
efforts to increase funding in this area. The addition of $425
million in HAVA grant funds, with a 20-percent State match,
will go a long way toward enhancing election technology and
improving security in State and local elections.
Simultaneously, the 40-percent increase in the EAC budget
will allow us to bolster existing programs and enhance
resources. I should note that EAC's distribution of $380
million in 2018 HAVA funds to the States in the lead-up to the
midterm elections was and continues to be, critically important
to helping officials secure the elections infrastructure.
I would like to highlight an important update to our
testing and certification program. The testing and
certification program manual allowed for minor, de minimis
changes, software changes, without the overhead of a full-blown
voting system certification campaign. In November of 2019, the
EAC's testing and certification program issued a notice of
clarification, providing clear guidelines on submitting these
minor changes for certification. The EAC expects that this
process will be used by vendors to rapidly update the security
of their systems with the latest software patches and operating
system updates.
Tremendous progress was also made in 2019 toward the
adoption of voluntary voting system guidelines, what we call
VVSG 2.0. VVSG 2.0 will represent a significant leap forward in
defining new standards that will serve as the template for the
new generation of secure and accessible voting systems.
The hard work of NIST staff and EAC personnel culminated in
the presentations of these draft requirements to the Technical
Guidelines Development Committee. This committee is now
considering the recommendations to the EAC on adoption.
My fellow commissioners and I are committed to a
transparent and thorough deliberation on the path to
implementing VVSG 2.0. The EAC Standards Board and the Board of
Advisors will meet in April of 2020 to consider these new
requirements, and after their key input, it is my hope that the
VVSG 2.0 will be finalized and voted on in the upcoming months.
As the Nation focuses on the 2020 election this year, so
does the EAC. On January 14, we are bringing together election
officials and experts in election security and accessibility to
kick off our #2020Focus campaign at the National Press Club.
The topics for discussion will include the security
environment, the need for enhanced poll-worker training, and
ensuring accessible elections for all Americans.
The increased fiscal year 2020 appropriations for the EAC
will allow us to fill critical staffing vacancies within the
agency as well as bolstering our staff to meet rising demands.
I am pleased to report that the EAC is in the process of
identifying candidates for a new general counsel and additional
communication personnel. The statutory process for identifying
candidates for executive director is well underway.
We also plan to add staff in our testing and certification
program. Expansions to this program will enhance the capability
of handling frequent voting system security updates through the
de minimis process while fulfilling its other duties of
conducting training for election administrators, performing on-
site audits of voting system manufacturing and test lab
facilities, and overseeing a risk-limiting audit assistance
program.
HAVA has set forth an ambitious agenda for the EAC, one
rooted in protecting the very foundation of our Nation's
democracy. Despite very real and persistent resource challenges
in recent years, the EAC has fulfilled its obligation and even
expanded the support it provides to election administrators and
voters.
With strong support from the Congress in the recent
appropriations cycle and the reestablishment of a quorum of
commissioners, the EAC is ready for its next chapter. We look
forward to working with the Congress as we continue our efforts
to help America vote.
I am happy to answer any questions you may have following
today's testimony.
[The statement of Mr. Palmer follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you very much.
And last but certainly not least, Mr. Gianasi.
TESTIMONY OF MIKE GIANASI
Mr. Gianasi. Thank you.
Chairperson Lofgren, Ranking Member Davis, and all the
other honored Committee Members here today, thank you for the
invitation to come and speak before you.
As stated previously, Ranking Member Davis and I are
friends. We've grown up in the same town. It's in central
Illinois. It's the town of Taylorville, which is the county
seat of the county of Christian in Illinois. Also as stated
previously, I was appointed as the county clerk and recorder in
2017 upon the retirement of that previous clerk and recorder.
Subsequently, I was elected as the county clerk and recorder in
2018, of which I currently serve as today.
The introduction of my tenure as the election authority was
rather swift and, at that time, being in the 2017-2018
timeframe, focused on an increase in cybersecurity-related
responsibilities. I had not been a participant in this arena
prior to that time period, so although there were a lot of
discussions and a lot of other situations that had occurred
previously, I was not a party to that. However, as the new
election authority, it has become my responsibility to take
into account all of these situations and, now, all of the
increasing responsibilities as the days go by.
As the election authority, my primary concern on the topic
of elections involves several categories, one being physical
security of course. The election equipment that I have custody
of is stored away in my courthouse in a locked room.
That election equipment, by the way--I might as well make
this comment--is being delivered today because, as of recently,
I have been approved the ability to obtain new election
equipment. My previous election equipment was the AccuVote and
TSx-type model equipment from Diebold, which is no longer being
used by Christian County. We have now upgraded our equipment to
the new equipment provided by Unisyn Voting Solutions,
Incorporated, who is not here today.
In regards to meeting with my election vendor, who I have
trusted for many, many years and previous clerks have trusted
for many years, the choice of this election equipment was the
correct choice and a sound choice.
The election equipment that I have chosen is their
equipment that provides a paper trail, as required by the State
of Illinois, for all votes cast, whether it be cast manually
through the paper ballot or using the touch-screen device,
which produces a paper ballot in human-readable form at the end
of the process, for which the person then has the opportunity
to review that, and then they will, themselves, place that
ballot into the ballot box for tabulation.
Some of the other logistics that I have to also worry about
include staffing of election judges. It is very difficult to
always staff my election judges adequately, but we do the best
we can. Christian County, not being a large jurisdiction, has
30 precincts, and of those 30 precincts, we have 23 physical
polling locations so five judges per precinct. And it sometimes
is rather difficult, but we do our best to try to make sure
that we have as much staffing as we can at those locations.
The election equipment, as far as custody, it stays in that
locked room. It's only accessed by myself or my staff whenever
we need to do any upgrades as far as programming, which is
involving, of course, our election vendor, because I do have
that service as well. And then we release that equipment to the
election judges prior to the election so that they can take it
out, get it to the precincts, and then they will bring it back
at the end of the election cycle.
The cybersecurity-related responsibilities, as I described
before, have become increasingly noticeable. I am a member of
the MS-ISAC, the EI-ISAC, and the HSIN. I receive notices on a
daily basis, multiple times a day, through emails from all of
these organizations notifying me of vulnerabilities primarily
to software packages but occasionally to other situations that
would just allow for us to be on a heightened awareness of
other attacks possibly directed to our firewall.
The situation as far as funding, of course, as a local
election authority, we do receive funding through the HAVA
grants, which is funneled from the Federal money through the
State down to us. And I can talk about that in more detail
later if you would like.
And that is all I have on my statement today. Thank you for
your invitation.
[The statement of Mr. Gianasi follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you.
And thanks to all of you for your testimony as well as your
written statement.
We now have time for Members to ask a few questions. I'll
first turn to the Ranking Member, Mr. Davis, for his five
minutes of questions.
Mr. Davis of Illinois. Thank you, Madam Chairperson.
And thanks to all the witnesses. Very compelling testimony.
Mr. Gianasi, I'll start with you, since you came out here
at my request. Can you tell us--I understand you recently
purchased some new machines for Christian County.
Mr. Gianasi. Correct.
Mr. Davis of Illinois. What decisions led you to purchase
those specific machines?
Mr. Gianasi. The original machines that Christian County
had been using were purchased in 2004. And those machines, like
I said before, the AccuVotes and such, TSX, were purchased
using HAVA funds that were available at that time. Those
machines, although doing well up through and including the most
recent elections, have seen better days. They have outdated
hardware that is no longer able to physically provide a dark
print on the ballot----
Mr. Davis of Illinois. So they were outdated. You----
Mr. Gianasi. Yes.
Mr. Davis of Illinois [continuing]. Needed to get some new
ones. Did you use HAVA funds to get these new machines?
Mr. Gianasi. I did not have any HAVA funds available to get
these new machines. I was able to work through the county
board, who had general obligation bond money available for this
project----
Mr. Davis of Illinois. How much did that cost you?
Mr. Gianasi. I have signed what is a six-year lease on
these machines. I chose not to purchase. And that six-year
lease, approximately $322,000.
Mr. Davis of Illinois. And knowing the size of our county,
that's a pretty big impact to the county budget.
Mr. Gianasi. As of Tuesday, I have 21,212 registered voters
in my entire county.
Mr. Davis of Illinois. Okay. Great.
When you made the decision to purchase those machines, you
didn't call anybody at the Federal Government and ask
permission, right?
Mr. Gianasi. I did not.
Mr. Davis of Illinois. Okay.
You mentioned in your testimony, too, about the Illinois
Cyber Navigator Program. It's a program I've talked about in
this hearing room many times. I think it's a great partnership
between the U.S. Department of Homeland Security and the State
of Illinois and, in turn, all local election officials, like
yourself.
How's this program been beneficial to your role as an
election administrator in Christian County?
Mr. Gianasi. The Cyber Navigator Program is beneficial, I
believe, to all election authorities and, in particular, those
that do not have the resources to maintain any form of IT
staff, in particular, or those that just have an inability to
continue to monitor all of the problems that are coming down
the line and then be able to provide solutions to those
problems.
Mr. Davis of Illinois. So you don't have a dedicated IT
staffer. You're that person, right?
Mr. Gianasi. Correct. We don't have any IT staff. The
county does hire an outside IT contractor to perform all IT-
related functions, including patch updates, firewall
maintenance, email maintenance, et cetera.
Mr. Davis of Illinois. Just for your office or for the
whole county, all the offices?
Mr. Gianasi. For the whole county, all offices.
Mr. Davis of Illinois.So the treasurer, the county clerk,
the sheriff, everybody, right?
Mr. Gianasi. Correct.
Mr. Davis of Illinois. Now, do you find that this Cyber
Navigator Program, this partnership between DHS, funded by your
Federal tax dollars, is good assistance to small, rural
counties like your own?
Mr. Gianasi. I do, because, again, with the changes that
are happening, the Cyber Navigator who now is partnering with
the county has given us the ability to promote different
aspects of cybersecurity-related awareness. He's also currently
directly assisting with the installation of new hardware which
will provide secure access between our voter registration
database server and the Illinois State Board of Elections'
database server through what's called the Illinois Century
Network.
Mr. Davis of Illinois. Excellent. Thank you for your
testimony today. Thanks for being here, Mike. Great to see you.
Mr. Palmer, while I have some time left, one major element
of the election infrastructure that I believe remains
unaddressed are electronic pollbooks. It's my understanding
that they're not currently regulated by HAVA, the Help America
Vote Act, in any way. Are there security risks associated with
electronic pollbooks?
Mr. Palmer. Yes, there is. And you're right, it's not
regulated currently under HAVA, although there are some
instances where there may be some interaction with the voting
system. I think the EAC is looking at electronic pollbooks as
perhaps there's a way the EAC could do a review and, sort of,
approval process for electronic pollbooks.
There's a growing use of electronic pollbooks across the
country. It's not universal, but more and more counties are
using them because of the ease and the ability, the accuracy of
electronic pollbooks. But there are some downsides to that, and
so the EAC feels that we have an opportunity here.
Mr. Davis of Illinois. While I have a few seconds left, can
you give us one suggestion or two suggestions of what you think
we could do to update HAVA?
And, also, if I could ask the EAC to give us an opportunity
to address some of the concerns you may have with HAVA in case
this Committee and this institution wants to readdress what was
passed years ago.
Mr. Palmer. Well, I think that there's an opportunity for
the EAC at the Federal Government level to sort of do a review
and certification program for other election systems beyond
voting systems.
But the EAC and the commissioners, we would love to talk
with the Committee as a whole and talk about ways that we
believe, at the EAC, things that could be improved from a
fundamental level.
Mr. Davis of Illinois. Right. Thank you.
The Chairperson. The gentleman's time has expired.
I turn to Mrs. Davis, the gentlelady from California for
five minutes.
Mrs. Davis of California. Thank you.
Thank you very much to all of you for being here and for
your experience in dealing with all of these issues.
Dr. Spearman, I wanted to just ask you, we've talked about
the access issue, and you brought to the election personnel the
concerns that you were having, and it sounds like they
responded to you. But I'm wondering, with all of these issues,
what you feel sometimes gets lost, sort of, on the radar screen
in terms of what the needs of people, of voters really are in
their communities that doesn't get addressed very well.
Rev. Spearman. Well, as I stated--and thank you for your
question, Congresswoman Davis. As I stated, I have--I guess I
would respond to that by saying on the county board of Guilford
County I am a rarity. I'm the only African American and I'm the
only activist. I come with the concerns of the people, the
concerns of the voter.
And oftentimes it seems as if the voter has been last on
the totem pole. And that's something that I have been
advocating for since I've been on the board, to put the people
on the radar. Because the elections, as far as I'm concerned,
are the people's. And the more the people, the more humans are
involved in the process, I think the better off we are going to
be.
As far as I am concerned right now, our democracy is an
aberrant democracy. And in order to make that democracy and
save our democracy, I think the people need to rise up and be
counted.
Mrs. Davis of California. Is there a specific change that
you think could or should be made in terms of easier access or,
again, more voting days? I don't know, vote by mail, if that's
an issue in your area?
Rev. Spearman. Well, I mean, we've been fighting for that
in North Carolina since 2013, since after Shelby versus Holder,
and we're going to continue to fight. We just recently won
another lawsuit with regard to winning a preliminary injunction
for voter photo ID, which has already been a lawsuit that we
won previously but it seems that the General Assembly continues
to come back, disguise it in different ways, and tries to get
it through again.
So, as it relates to access, one of the things that I
believe would be helpful, especially to persons like myself,
county board members, is more education, more training for the
county board members, and just let the county board members
know what it is that they are being elected to do.
Mrs. Davis of California. Thank you.
Dr. Blaze, I think it was also mentioned what should be
done at this time to try and help with these processes. And yet
we know that, in many cases, that's not going to happen before
this next election in 2020. So what is it that you think we
really need to be focused on very particularly in terms of
hacking of any elections, intervention? What is it that you're
most worried about?
Mr. Blaze. Sure. Well, I think, you know, the things that
I'm most worried about are a repeat of some of the types of
attacks that we saw in 2016 against larger election
infrastructure, not just voting machines themselves but the
back-end systems that manage voter registration records and so
on.
We've been very fortunate that even in 2016 the attacks
against our systems had a relatively light touch. A determined
adversary who wanted to disrupt our elections would have a
frighteningly easy task if they wanted to do so. And I worry
that the over 5,000 election jurisdictions who maintain these
systems throughout the country are not uniformly ready to
respond to a sophisticated adversary like that. So, to the
extent we can support them, that is an urgent priority.
Mrs. Davis of California. And you mentioned that many
counties don't audit. And is that because they feel that they
don't have the resources to do that, they don't have additional
funding? Or is it just an attitude as well?
Mr. Blaze. Well, no, I think, you know, everybody is trying
to do their best, but risk-limiting audits have not yet
penetrated throughout most of the country. There are only a
handful of States right now that do them. More States are
starting to explore them. To the extent that we can encourage
wider adoption of these, that will improve things
significantly.
Mrs. Davis of California. Yes.
Thank you. My time is up.
The Chairperson. Thank you.
I just have a few follow up questions.
First, I want to thank all of the witnesses, but also, Dr.
Gilbert, the National Academies' report was enormously helpful
to us, and I want to thank you for that. It really is the guts
of what we ended up putting in our SAFE Act that's now pending
in the Senate. Tremendous appreciation for you and the other
scientists who worked on it.
I want to talk about the ballot-marking devices. I don't
love these systems. On the other hand, we need to have a
capacity to allow the disability community to exercise their
franchise freely, and that's an important element of providing
for that.
I am concerned about the QR codes and barcodes that cannot
be read by the voter. And so, really, if you're checking the
paper, it really doesn't prove anything in terms of whether or
not the barcode reflects what is on the piece of paper.
It's not possible that all of that will be changed between
now and election day in November. What are your suggestions, as
computer scientists, Dr. Blaze and Dr. Gilbert, for what could
be done in the interim about that problem?
Mr. Blaze. So--should I?
Mr. Gilbert. Yes.
Mr. Blaze. Okay.
Ballot-marking devices were originally conceived purely as
an assistive technology for voters who couldn't mark their own
ballots for various reasons and were never originally----
The Chairperson. Correct.
Mr. Blaze [continuing]. Conceived as the primary method for
people for voting. It took us a bit by surprise that systems
that use ballot-marking devices as the primary method of voting
were being deployed and purchased by people across the----
The Chairperson. Correct. If I----
Mr. Blaze [continuing]. Country, but there's been an----
The Chairperson. Right.
Mr. Blaze [continuing]. Explosion of research over the last
year in whether voters can reliably verify them.
What we found, most recently studied by Alex Halderman's
group in Michigan, is that voters don't appear to be able to
reliably confirm that their marks match what their intent was.
And that's a significant--raises significant concerns----
The Chairperson. I understand that. And it's, like, 7
percent of the people, actually, according to that report.
Mr. Blaze. That's right.
The Chairperson. But what do we do about that?
Ultimately, I think we ought to have paper ballots and
these marking devices ought to be available to those who need
them because of disability purposes.
Mr. Blaze. Right.
The Chairperson. Between now and when that is achieved,
what do we do?
Mr. Blaze. The best thing we can do is voter education. The
Michigan paper has some concrete suggestions on interventions
that aren't perfect but they can at least increase the ability
for voters to check. And, you know, it's simply a matter of the
instructions given to voters, whether they're given a personal
reminder to check their ballot selections. And those appear to
make, you know, a significant--not sufficient, but significant
difference in how well they're verified.
The Chairperson. Dr. Gilbert, do you have anything to add?
Mr. Gilbert. Yes, I have a lot to add.
So, to start, these studies--I want to make the record
clear. The studies are saying that people did not verify their
ballot; they didn't say they could not verify their ballot.
So I would recommend, going to the Michigan study--notice
that the Michigan study said, ``Remind the voter to review
their ballot.''
The Chairperson. It goes up to, like, 70 percent if you
remind them.
Mr. Gilbert. Yes. Well, try this: ``Would you please verify
that your ballot selections were not changed?'' Rather than,
``Review your ballot.'' Let's try that.
The ballot-marking device--there were 16 million voters who
voted with a disability in 2016. What was the margin of
victory? Less than 3 million votes?
The Chairperson. Yes.
Mr. Gilbert. So if we were to design these machines so they
are only used by people with disabilities, an adversary finds
that as a happy day, because all you have to do is target a
specific group.
Universal design, meaning more people using those machines,
gives you greater security. The likelihood of catching errors
increases as a result of that.
I will be honest. The universal design when HAVA was
created, it was designed that each precinct would have at least
one accessible voting machine.
The Chairperson. Correct.
Mr. Gilbert. I said that wasn't possible because you're
going to have a separate-but-equal connotation. And they said,
you can't have one machine that everyone uses. So we built it.
Later this year, we'll have an announcement about a transparent
voting machine, a new innovation, that will address these
issues.
So, in the Academies' report, we recommended that we have a
national center to do research around these things. That is a
necessity. This is an arms race. It's not just going to happen
and end.
To suggest that we should go back to hand-marked paper
ballots is the same as saying, we had an accident on the
highway and people unfortunately died, so we should return to
horses and carriages.
The Chairperson. My time has expired.
But I do want to just mention, Ms. Howard, you have
decertified machines that didn't meet standards. We know that
we're not going to get to where we need to be between now and
November. Do you have any suggestions on what interim steps we
could take to make the systems safer?
Ms. Howard. Well, yes. Thank you for the question.
So two basic things, right? Voter education about how to
use the machines is very important. And, additionally, there
must be post-election audits which rely on the human-readable
portion of the ballots even if the ballots do include barcodes.
The Chairperson. Thank you.
My time has expired. All time has expired.
I would like to thank each of you for your testimony. Note
that, because we didn't get a chance ask all our questions, we
may follow up with written questions for you, and, in that
case, we'd ask that you answer promptly.
[The information follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. And we do thank you once again for your
service here as witnesses in helping us do a better job in
securing our election systems for this all-important 2020
election.
And this hearing is, without objection, now adjourned.
[Whereupon, at 12:43 p.m., the Committee was adjourned.]
[all]